team-quality-assurance

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill. The operations performed are standard for quality assurance automation tools and involve expected platform capabilities.
  • [COMMAND_EXECUTION]: The skill executes shell commands to interact with local development tools and testing frameworks. Evidence includes:
      • roles/executor/role.md runs test suites using npx vitest, npx jest, python -m pytest, and npx mocha.
      • roles/scout/role.md uses git diff to identify changes in the repository for targeted scanning.
      • roles/coordinator/role.md uses Bash to resolve the current working directory.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes untrusted codebase content and test execution results.
      • Ingestion points: Codebase files are read by the scout, generator, and strategist roles, while executor reads test failure outputs.
      • Boundary markers: While the skill uses structured prompt templates with clear section headers (PURPOSE, TASK, CONTEXT), it does not explicitly use delimiters designed to neutralize embedded instructions within analyzed code.
      • Capability inventory: The skill has the ability to modify the filesystem (Write, Edit) and execute commands (Bash), which increases the potential impact of an injection, though constraints are in place to limit modifications to test files.
      • Sanitization: There is no evidence of explicit sanitization or filtering of codebase content before it is processed by the AI-assisted tools.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 04:03 AM