Back to skill

Security audit

单元测试工程师 单元测试覆盖

Security checks across malware telemetry and agentic risk

Overview

This skill only gives an agent focused instructions for adding or updating unit tests, with no hidden install behavior or persistent access.

Install this if you want an agent to create focused PHPUnit/Pest unit tests and make small related code changes for testability. Review generated diffs and the exact test command it runs, especially when a request only mentions generic coverage rather than unit-test coverage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation guidance uses broad keywords like unit test, PHPUnit, Pest, and coverage without explicit exclusion criteria, which can cause the skill to trigger in contexts where a narrower or different skill should be used. In an agent system, over-broad routing increases the chance of mis-scoped actions, inappropriate code/test changes, and bypass of more suitable review or implementation skills.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.