gen-test-plan
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands including
git,grep,ls, andmkdirto analyze the repository context, detect the tech stack, and generate documentation. - [COMMAND_EXECUTION]: The skill facilitates the building and execution of local code from the repository being analyzed (e.g.,
cargo build,npm run build,./target/debug/...). This is expected behavior for an E2E testing utility. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data from the repository (branch names, commit messages, and file contents) and interpolates it into a YAML test plan.
- Ingestion points: Data enters the context via
git rev-parse,git diff,git log, andgrepcommands inSKILL.md(Steps 1, 3, and 4). - Boundary markers: None identified; data is interpolated directly into
docs/testing/test-plan.yamlfields likechanges_summaryandcontext. - Capability inventory: The skill can execute shell commands, write files to the disk, and trigger project builds using standard package managers.
- Sanitization: No explicit sanitization or escaping of the repository metadata is performed before interpolation into the YAML plan.
- [EXTERNAL_DOWNLOADS]: The skill triggers dependency downloads through official package registries (npm, PyPI, Cargo, Mix, Go) when executing project setup commands. These are well-known services and represent standard development workflows.
Audit Metadata