testing
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) due to how it handles project-specific data and configuration files.\n
- Ingestion points: The skill reads external data from the user's repository via
.ruler/testing.mdand detects/reads testing framework configurations (e.g.,vitest.config.*,playwright.config.*).\n - Boundary markers: The prompt templates used to dispatch tasks to sub-agents (e.g.,
unit-test-writer,e2e-test-writer) use simple placeholders like[paste unit test cases]or[endpoints to mock]without employing XML tags or clear delimiters to isolate untrusted content from the system instructions.\n - Capability inventory: The agents have the capability to write files to the repository and execute shell commands (e.g.,
pnpm vitest run).\n - Sanitization: No sanitization, validation, or escaping of the ingested configuration or code is performed before it is interpolated into the agent tasks.\n- [COMMAND_EXECUTION]: The skill facilitates the execution of
pnpm vitest runto verify test suites. This behavior is documented and aligns with the skill's primary purpose as a testing tool.
Audit Metadata