helpmetest-test-generator

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill generates Robot Framework test scripts by interpolating data from external feature artifacts into templates. These scripts are then executed using automated testing tools. This dynamic generation and execution of code is a core feature of the skill, but it becomes an attack surface if the input artifacts are compromised.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external feature artifacts to construct executable test logic without explicit sanitization.
      • Ingestion points: External data is loaded via the helpmetest_get_artifact tool in SKILL.md.
      • Boundary markers: The workflow does not utilize specific boundary markers or delimiters to separate untrusted artifact data from the test script logic.
      • Capability inventory: The skill has access to command execution tools including helpmetest_run_interactive_command and helpmetest_run_test as defined in SKILL.md.
      • Sanitization: There is no evidence of validation or sanitization of the content retrieved from feature artifacts prior to its use in test generation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 11:50 PM