tahr-test-business-workflows

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines a rigorous methodology for testing business logic in stateful applications. It includes strong safety boundaries such as using disposable fixtures, requiring explicit authorization for live requests, and defining cleanup procedures to restore state.
  • [DATA_EXPOSURE]: The instructions address the management of sensitive data (PII, credentials, and customer records) by mandating redaction in findings and focusing on value classes rather than raw secrets.
  • [INDIRECT_PROMPT_INJECTION]: The skill includes a data ingestion surface for untrusted inputs. 1. Ingestion points: source roots, specifications, and captured network traffic (SKILL.md). 2. Boundary markers: Absent during the reconstruction phase. 3. Capability inventory: Implicit access to network and file tools for baseline capture and execution. 4. Sanitization: Mandated redaction of PII and secrets in output. The risk is considered low as the instructions focus on structured analysis and reproducible impact rather than autonomous command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 02:59 PM