harness-bench
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute the
metaharness-darwinCLI. It interpolates user-provided file system paths (repository and suite paths) into shell command strings for creating and verifying suites. - [EXTERNAL_DOWNLOADS]: The skill references a dependency on the
@metaharness/darwinpackage. This is a scoped package associated with the vendor's ecosystem and is used for core functionality. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external repository content and JSON files that could contain untrusted data.
- Ingestion points: Content is ingested from paths provided to the
--repoand--suitearguments (SKILL.md). - Boundary markers: The instructions do not define specific delimiters or warnings for the agent when handling the content of the test corpus.
- Capability inventory: The skill utilizes the Bash tool for CLI operations (SKILL.md).
- Sanitization: No explicit sanitization or validation of the input file content is described in the prompt instructions.
Audit Metadata