523-frameworks-micronaut-testing-acceptance-tests
Pass
Audited by Gen Agent Trust Hub on Jul 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill implements proactive safeguards against prompt injection by instructing the agent to treat Gherkin text as untrusted data. It explicitly forbids obeying instructions embedded in scenario text, comments, tables, or docstrings.
- [INDIRECT_PROMPT_INJECTION]: The skill identifies the risk of processing third-party Gherkin files and requires a 'Trust Gate' where a repository maintainer must provide a sanitized summary of scenario facts before the agent generates code. This is a recommended remediation for handling untrusted external inputs.
- [COMMAND_EXECUTION]: The skill utilizes standard Maven commands (
mvn compileandmvn clean verify) for necessary project validation and testing. These commands are restricted to the local project environment and follow standard development workflows without exposing the system to arbitrary shell injection. - [CREDENTIALS_UNSAFE]: The skill follows security best practices for testing by using
TestPropertyProviderto dynamically wire ephemeral container ports and URLs, explicitly warning against hardcoding sensitive or environment-specific values.
Audit Metadata