Skills
skills/levnikolaevich/claude-code-skills/ln-782-test-runner/Gen Agent Trust Hub

ln-782-test-runner

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill dynamically detects and executes shell commands for testing, building, and linting based on project configuration files like 'package.json' or 'pyproject.toml'.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its ingestion of untrusted output from test runners.
  • Ingestion points: Test result metrics and failure details are extracted from framework output in 'SKILL.md'.
  • Boundary markers: No explicit delimiters or safety instructions are defined to separate untrusted test output from agent instructions.
  • Capability inventory: The skill can execute shell commands through the 'Monitor' and 'Bash' tools and read local files.
  • Sanitization: Test output content is not escaped or validated for malicious instructions before being returned to the orchestrator.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 12:45 AM