exp-test-tagging
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes untrusted source code to perform classification logic and file modifications.
  - Ingestion points: The skill analyzes method names, assertions, inputs, and comments from the test project provided as input.
  - Boundary markers: No delimiters or instructions are specified to prevent the agent from following directions potentially embedded in the source code strings or comments.
  - Capability inventory: The skill performs file writes to inject trait attributes into C# files and recommends executing 'dotnet build' for verification.
  - Sanitization: There is no validation or sanitization of the ingested code content before it influences the agent's logic.
- [COMMAND_EXECUTION]: The skill workflow includes running 'dotnet build' as a validation step. Executing build commands on untrusted repositories is a potential security risk, as malicious code can be executed via custom MSBuild targets or initialization hooks during the build process.