testing
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructions define a legitimate software development testing phase. It includes objectives for safety and security testing, such as input validation and ensuring sensitive data is not exposed.- [PROMPT_INJECTION]: The skill processes module code and requirement lists, which constitutes an indirect prompt injection surface. This is a functional requirement for the skill's purpose. The risk of autonomous exploitation is mitigated by a mandatory user confirmation step before the agent executes any tests.
- Ingestion points: Reads local module code and requirement lists from the project workspace.
- Boundary markers: None explicitly defined in the provided instruction file.
- Capability inventory: Includes filesystem writes (test reports, test cases) and git operations (branch creation, merging, committing).
- Sanitization: Not explicitly defined for the ingested code content.
Audit Metadata