Skills
skills/borkweb/skills/qa-only/Gen Agent Trust Hub

qa-only

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git commands (git diff, git log) to identify modified files for determining testing scope. These use static, non-malicious arguments for local repository analysis.
  • [DATA_EXFILTRATION]: The instructions include a mandatory password redaction rule using [REDACTED], demonstrating a security-first approach to documenting authentication flows.
  • [PROMPT_INJECTION]: Ingesting untrusted content from web applications creates a surface for indirect prompt injection. The skill's instructions strictly limiting behavior to "reporting only" serve as a significant mitigation.
  • Ingestion points: External HTML, JavaScript console logs, and network traffic analyzed during testing.
  • Boundary markers: Not present for untrusted web content.
  • Capability inventory: Bash, Read, Write (for local reports), and WebSearch.
  • Sanitization: Not present.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:25 AM
Security Audit — agent-trust-hub — qa-only