scan-e2e-tests
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to search for and document sensitive configuration patterns within the codebase. It specifically instructs the agent to 'Find settings/configuration classes (URLs, credentials, timeouts)' and 'Find test account/credential management patterns', which targets potentially sensitive data storage practices.
- [COMMAND_EXECUTION]: The skill uses multiple shell commands (
grep,find,ls) to perform deep scans of the project directory across various programming languages (.NET, TypeScript, Python, Java) to identify frameworks and patterns. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads and processes arbitrary project files (code, BDD feature files, and configuration files) to generate documentation. If an attacker embeds malicious instructions in these project files, they could influence the agent's behavior during the 'Generate' or 'Verify' phases.
- Ingestion points: Reads project source code,
.featurefiles,package.json,.csproj, andpom.xmlfiles. - Boundary markers: None identified in the instructions to separate untrusted file content from agent instructions.
- Capability inventory: Shell execution (
grep,find), file read/write access to the project directory. - Sanitization: No evidence of sanitization or validation of the content extracted from project files before interpolation into the final documentation or project configuration.
Audit Metadata