test-spec
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses instructional markers like 'IMPORTANT' and 'MANDATORY' to enforce a specific task-oriented workflow and investigation process. This is a legitimate way to manage complex agent reasoning and does not attempt to bypass security filters.
- [SAFE]: Local file access is restricted to searching for project documentation and source code artifacts (Entities, Commands, Controllers) necessary for creating test cases. No sensitive system files or credentials are targeted.
- [SAFE]: The surface for indirect prompt injection via user-provided PBIs is effectively mitigated by mandatory 'Approval Gate' (Phase C) and 'Validation' (Phase F) steps, ensuring the user reviews and confirms all generated content before it is finalized.
- [SAFE]: Use of tools like Bash is limited to benign search operations (grep, glob) within the project directory for business logic discovery.
Audit Metadata