test-spec

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it is instructed to read and process data from multiple project files (e.g., docs/PRD.md, docs/UX_SPEC.md). An attacker with write access to these source files could include instructions intended to influence the generated output in docs/TEST_SPEC.md.
  • Ingestion points: File reads from the docs/ directory.
  • Capability inventory: The agent is permitted to use Read, Write, Glob, Grep, and AskUserQuestion tools.
  • Boundary markers: The instructions do not define clear delimiters or specify that embedded instructions in source files should be ignored.
  • Sanitization: There is no explicit requirement for the agent to sanitize or validate the content of the documentation before generating the test specification.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — test-spec