skills/sethgammon/citadel/test-gen/Gen Agent Trust Hub

test-gen

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute shell commands to run and verify tests. Specifically, it uses a hardcoded execution pattern: node scripts/run-with-timeout.js 300 <test-cmd>. This relies on a local script that is not provided by the skill itself, which could lead to unexpected behavior depending on the environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It analyzes untrusted source code (Step 2) to generate executable test files (Step 4), which are then automatically executed (Step 5).
      • Ingestion points: Target source files, specific functions, or directories provided by the user (SKILL.md).
      • Boundary markers: Absent. The instructions do not specify delimiters or guidelines to prevent the LLM from following instructions embedded within the source code being analyzed.
      • Capability inventory: The agent has the capability to write files and execute shell commands via node and various test runners (Jest, Vitest, Pytest, etc.).
      • Sanitization: No sanitization or validation of the source code's logic is performed before it is used to generate the test suite, meaning malicious payloads disguised as code could be reflected into the executable test file.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 10:50 AM