test
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands using the 'tldr' utility for project diagnostics and change impact analysis. These commands are used to identify type errors and affected test files before initiating the full test suite.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection by interpolating user-defined input into the '[SCOPE]' variable passed to subagents.
- Ingestion points: User input provided during the '/test' command (e.g., the feature name or scope) is interpolated into prompts for the 'arbiter' and 'atlas' subagents.
- Boundary markers: The subagent prompts do not utilize specific delimiters or escape sequences to isolate the scope input from the rest of the instructions.
- Capability inventory: The subagents involved (arbiter and atlas) have the capability to execute code and access the file system to run unit, integration, and E2E tests.
- Sanitization: No explicit sanitization or validation of the scope string is performed before it is passed to the subagents. This is considered a low-risk surface given the functional purpose of the skill.
Audit Metadata