test-automator
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides two Python utilities,
scripts/generate_test.pyandscripts/coverage_report.py, which are used to generate Markdown templates for test planning and reporting. These scripts use the standardpathliblibrary to create directories and write files to the local file system based on user-provided arguments.- [EXTERNAL_DOWNLOADS]: The skill's documentation contains links to external educational resources (e.g., Google Engineering Practices) and references a GitHub repository (Charon-Fan/agent-playbook) for installation purposes.- [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it is designed to analyze and write tests for user-provided code. 1. Ingestion points: The skill ingests user functions and code files through requests like 'Write tests for this function'. 2. Boundary markers: No specific delimiters or 'ignore embedded instructions' warnings are present in the skill body. 3. Capability inventory: The skill has access to powerful tools includingBash,Write, andEdit. 4. Sanitization: There is no visible logic for sanitizing or escaping the content of user-provided code before it is processed for test generation.
Audit Metadata