test-gen
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill detects and executes shell commands (e.g., `npm test`, `pytest`, `go test`) derived from project configuration files like `package.json` or `pyproject.toml` to run tests and check coverage.
- [REMOTE_CODE_EXECUTION]: The skill generates new test files and subsequently executes them using the project's detected test runner. This dynamic execution of generated content is a core functionality but poses a risk if the generation process is influenced by malicious source code.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted local data to drive logic and execution.
  - Ingestion points: The skill reads source code files and project metadata (`package.json`, configuration files).
  - Boundary markers: Absent; there are no delimiters or instructions provided to the agent to disregard instructions potentially embedded within the source files being analyzed.
  - Capability inventory: The skill has the ability to write files to the local system and execute arbitrary shell commands via detected test runners.
  - Sanitization: Absent; the skill extracts commands from configuration files and executes them without validation.
Audit Metadata