windows-qa-engineer
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The installer script clones the official Microsoft UFO repository from GitHub to the user's home directory. This is a documented dependency from a trusted organization required for the skill's automation functionality.
- [COMMAND_EXECUTION]: The skill provides an installer (
scripts/skill_installer.py) and an environment diagnostic script (scripts/doctor.ps1) that execute system commands for git cloning, virtual environment creation, and Python package installation. These operations are functional for the skill's setup and maintenance. - [DATA_EXFILTRATION]: The skill exposes tools to capture window screenshots and retrieve text from UI controls (labels, IDs, names). While these provide significant visibility into the user's desktop, they are intended for manual and automated QA verification and are only triggered by explicit agent actions.
- [PROMPT_INJECTION]: The skill ingests data from the target application's UI, such as window titles and control labels, into its context. This creates a surface for indirect prompt injection if a malicious application displays text designed to override agent instructions, though the skill does not exhibit patterns of intentional vulnerability.
Audit Metadata