Skills
skills/notysoty/openagentskills/Unit Test Improver/Gen Agent Trust Hub

Unit Test Improver

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external data (source code and test files) that could contain malicious instructions.
  • Ingestion points: The agent is instructed to read and evaluate the full content of source and test files provided by the user (SKILL.md).
  • Boundary markers: Absent. The instructions do not specify the use of delimiters or provide warnings to the agent to ignore instructions embedded within the processed code.
  • Capability inventory: The skill's primarily intended capability is generating and outputting text (rewritten code). It does not explicitly request the use of tools for network access or system command execution.
  • Sanitization: Absent. There is no mechanism described to sanitize or validate the content of the processed files for embedded prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:57 AM
Security Audit — agent-trust-hub — Unit Test Improver