skill-coverage-audit

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as git, find, and grep to identify changed files and locate existing test coverage within a local repository. These operations are intrinsic to the skill's primary purpose of auditing code and do not show signs of malicious intent.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads source code files to generate new test scripts. While this is a functional requirement, malicious patterns in the analyzed code could influence the generated output.
    • Ingestion points: Local source code files and git diff outputs.
    • Boundary markers: No specific boundary markers or instructions to ignore embedded commands are defined.
    • Capability inventory: Shell command execution (git, find, grep) and automated generation of code files.
    • Sanitization: There is no evidence of content sanitization or validation before using repository data to generate test code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 06:50 AM