133-java-testing-acceptance-tests

Pass

Audited by Gen Agent Trust Hub on Jul 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill establishes a strong authority boundary by instructing the agent to treat all Gherkin-related text (Features, Scenarios, Steps) as untrusted data only. It specifically mandates that the agent must never execute or obey instructions embedded within this content, which is a key defense against indirect prompt injection attacks.
  • [COMMAND_EXECUTION]: The instructions involve the use of standard Java build tool commands (mvn compile and mvn clean verify). These are used correctly to ensure project stability and to execute the newly created tests within the appropriate Maven lifecycle phase (Failsafe).
  • [EXTERNAL_DOWNLOADS]: The skill recommends the addition of well-known and trusted testing libraries, specifically io.rest-assured and org.wiremock, to the project's build configuration. These are standard industry dependencies for the described task.
  • [DATA_EXFILTRATION]: The reference documentation includes explicit safety constraints forbidding the use of real secrets, production URLs, or API keys in test configurations or WireMock stubs, encouraging the use of simulated environments and dynamic port allocation instead.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 11, 2026, 05:56 PM