test-case-reviewer
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses multiple Python wrapper scripts (such as
convert_to_json.pyandparse_xmind.py) that utilizesubprocess.callto execute local formatting logic. These executions are securely implemented using argument lists and the local Python interpreter, preventing shell-based injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The
README.mdreferences external setup scripts (install-skills-mac.shandinstall-skills-windows.ps1) for repository-wide installation. These are external to the skill and align with the author's documented installation workflow. - [SAFE]: Prompt instructions in
prompts/test-case-reviewer.mdare focused on functional quality assurance and contain no behavior-overriding instructions or safety bypasses. - [SAFE]: No network exfiltration patterns, hardcoded credentials, or unauthorized file access attempts were detected in the skill's scripts or configuration files.
Audit Metadata