cover
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure development practices by explicitly instructing agents to only modify test files and never modify production source code during the failure healing loop.
- [SAFE]: The skill uses structured subagent prompts to generate code and maintains its internal state within the local .claude directory, ensuring workflow isolation and continuity.
- [COMMAND_EXECUTION]: The skill uses CronCreate to schedule recurring test coverage checks. This automated execution is used for the legitimate purpose of monitoring coverage drift over time.
- [PROMPT_INJECTION]: The skill interpolates user-provided scope arguments into subagent prompts. While this creates a potential indirect prompt injection surface, the risk is mitigated by the skill's specific focus on testing patterns (AAA, Page Object Model) and its primary purpose of developer automation.
Audit Metadata