cubrid-isolation-test
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs expected software development and testing activities, such as compiling local code and executing shell scripts within designated local directories. No suspicious network connections, credential harvesting, or persistence mechanisms were detected.
- [COMMAND_EXECUTION]: The skill executes local shell commands to build CTP tools and run isolation tests. These commands are necessary for the skill's intended use and are restricted to specific local paths like
~/cubrid-testtools. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. Ingestion points: Data enters the context from user-supplied arguments and Jira ticket content fetched via external tools. Boundary markers: Not explicitly defined in the prompt logic. Capability inventory: The skill can execute local shell scripts and interact with the file system. Sanitization: No explicit sanitization of external content is mentioned, although the risk is mitigated by the skill's focus on a local development and testing environment.
Audit Metadata