saleor-testing
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches test configuration files from the official Saleor GitHub repository. This is an expected action for developers setting up testing environments based on official project structures. \n- [COMMAND_EXECUTION]: The skill instructs the agent to use
Bashto runpytestand various CI/CD tools such asruffandmypy. These operations are standard for software testing and linting workflows. \n- [PROMPT_INJECTION]: The skill utilizesWebSearchandWebFetchto retrieve external documentation, creating an indirect prompt injection surface where external content could influenceBashcommand execution. This risk is evaluated as safe given the reliance on official vendor documentation. \n - Ingestion points: Web searches for Saleor/pytest documentation and fetching of specific repository files from GitHub. \n
- Boundary markers: None specified in the instructions. \n
- Capability inventory:
Bash,Write,Edit,Read,WebSearch,WebFetch. \n - Sanitization: No explicit sanitization of external documentation content is mentioned. \n- [SAFE]: No obfuscation, data exfiltration, or malicious injection patterns were detected during the analysis.
Audit Metadata