agent-tests
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
NO_CODE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation and instructions, shipping no executable scripts, binaries, or active code components.
- [COMMAND_EXECUTION]: The skill framework explicitly directs the agent to execute arbitrary shell commands and local scripts (test-*.sh) as part of a testing workflow using tools such as gh, kubectl, and curl.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a capability surface where the agent is instructed to ingest and obey directions from external test definition files, creating a potential vector for indirect prompt injection.
  - Ingestion points: Test definition files (TEST.md) and executable scripts located in the .agents/tests/ directory.
  - Boundary markers: No markers or delimiters are specified to distinguish test data from agent system instructions.
  - Capability inventory: The workflow involves full subprocess execution and access to administrative CLI tools.
  - Sanitization: There are no instructions provided to validate or sanitize the commands found within the test definitions before execution.
Audit Metadata