The default mode of generate_tests is deterministic. It parses your function and writes tests from what it finds, all on the local machine. No AI provider is contacted unless the caller opts in explicitly by passing provider:"Anthropic" in the request. Leave that field out and no Anthropic call is possible.
Proven by AiGating.Tests.ps1. The suite keeps both directions as permanent tests: attack cases that try to trigger a provider call without the opt-in, and positive controls confirming the opt-in path still works when a caller actually asks for it.
No machine name and no absolute user path appears in any MCP tool response. If the server runs on a box whose name would identify your employer, that name stays out of everything the tools return, and so does C:\Users\yourname\....
Proven by AirGapScrub.Tests.ps1, which scans tool responses for hostname and user-path leakage.
The server treats every argument as data. The cmdlet names in its execution path are fixed, so a hostile value in a function name or a parameter can’t turn into a command the server runs. Injection attempts fail safely instead of executing.
Proven by InjectionContainment.Tests.ps1. That suite also carries the regression tests from a working-directory anchoring issue found and fixed during development; the tests stayed in the suite after the fix so the bug can’t quietly return.
Cancel a long-running generation mid-run and the server returns a structured error within its timeout instead of hanging. This matters most when a pipeline is driving the server, because a hung tool call stalls the run until somebody notices. A structured error is something the calling script can catch.
Proven by Cancellation.Tests.ps1.
Everything above is engineering discipline verified by an internal automated test suite. The four suites named on this page run inside a combined suite of 49 tests, and the last verified run passed 49 of 49.
That is not a formal security certification. PesterForge holds no SOC 2, FedRAMP, or HIPAA certification, and no third-party audit or penetration test stands behind these claims; the evidence is the test suite itself. If your procurement checklist requires a named framework, this page won’t satisfy it. We’d rather say so here than have you find out on a call.
Questions about any of the four suites go to security@detentpoint.com.