kmp-snapshot-testing-setup
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands (cp, chmod, find, sed) to set up the project environment and perform string replacements. This is standard behavior for a setup utility but involves direct interaction with the host filesystem.\n- [PROMPT_INJECTION]: The skill instructions in SKILL.md define an attack surface for indirect prompt injection by interpolating user-provided inputs (project paths, package names) into shell commands without explicit boundary markers or sanitization logic.\n
- Ingestion points: User project paths and package names provided during the setup process in SKILL.md.\n
- Boundary markers: Absent in the shell command templates.\n
- Capability inventory: Shell command execution (sed, find, cp, chmod) and filesystem write operations across multiple scripts.\n
- Sanitization: Absent; the skill relies on the agent's internal handling of interpolated variables.\n- [EXTERNAL_DOWNLOADS]: The skill configuration adds dependencies on well-known testing libraries (Kotest, Turbine) to the project's build files. These downloads are performed by standard build tools and target official package registries.
Audit Metadata