testing-api
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access attempts were identified. All actions described are consistent with the skill's stated purpose of API testing.
- [COMMAND_EXECUTION]: The skill provides examples of running various command-line tools for testing (e.g., curl, npx, pytest, go test), which is the intended functionality.
- [EXTERNAL_DOWNLOADS]: The skill references standard utilities and package managers (npm, npx) to execute testing suites, which involve fetching well-known packages from public registries.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it processes external API responses and specification files (OpenAPI, JSON Schema). This risk is inherent to the testing process and managed via standard agent guardrails.
Audit Metadata