132-java-testing-integration-testing
Pass
Audited by Gen Agent Trust Hub on Jul 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of Maven commands (
mvn compile,mvn clean verify,mvn test-compile) to validate project state and verify generated code. This capability allows the agent to execute code within the project's build environment.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) and uses role-playing instructions. - Ingestion points: The skill analyzes Java source code and import statements from the user's project context to detect infrastructure needs.
- Boundary markers: There are no explicit delimiters or instructions to ignore potential commands embedded within the analyzed source code.
- Capability inventory: The skill possesses the ability to execute shell commands through the Maven build system and perform file system writes.
- Sanitization: No sanitization or validation of the ingested project code is performed prior to processing or build execution.
- Role-playing: The reference file contains instructions for the agent to adopt a specific persona ("You are a Senior software engineer..."), which is a form of prompt injection.
Audit Metadata