auto-test

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a PreToolUse hook to execute a local bash script (guard-test-integrity.sh) whenever the agent attempts to use the Edit or Write tools. This script acts as a policy enforcer to ensure test integrity by blocking the addition of 'skip' or 'only' markers in test files.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the user's codebase to identify testing gaps and write new tests. This creates a surface for indirect prompt injection where instructions hidden in the code could potentially influence the agent's behavior.
  • Ingestion points: The agent reads source code, test files, and configuration files (e.g., package.json, Cargo.toml) during the discovery phase (Phase 1).
  • Boundary markers: No specific boundary markers or instructions are provided to the agent to treat the ingested code as untrusted data.
  • Capability inventory: The agent has extensive capabilities including arbitrary shell command execution via the Bash tool and file system modification via Write and Edit tools.
  • Sanitization: There is no evidence of sanitization or filtering of the ingested code content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:15 AM
Security Audit — agent-trust-hub — auto-test