verify
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill and its referenced files provide legitimate guidance for improving software test quality and contract safety. No indicators of prompt injection, credential theft, or remote code execution were detected.
- [COMMAND_EXECUTION]: The skill utilizes an internal scan tool, 'axiom:scan', to identify structural patterns in codebase files. This is a standard practice for static analysis tools and does not involve the execution of arbitrary or unsafe commands.
- [PROMPT_INJECTION]: The skill processes untrusted codebase data for evaluation.
  1. Ingestion points: Local files identified in the provided scope.
  2. Boundary markers: Not explicitly defined in the skill logic.
  3. Capability inventory: Limited to local static analysis ('axiom:scan') and qualitative assessment.
  4. Sanitization: No explicit sanitization of codebase strings is mentioned.

  The risk of indirect prompt injection is minimal given the technical focus and lack of high-privilege capabilities.