qa-execution
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill automates the execution of repository-defined commands (e.g., `make verify`, `npm test`, `pytest`) discovered from the project manifests to perform verification and baseline testing.
- [COMMAND_EXECUTION]: Executes a local Python utility script `scripts/discover-project-contract.py` to identify project entry points and ecosystem-specific commands.
- [EXTERNAL_DOWNLOADS]: Orchestrates dependency installation using official package managers (npm, yarn, pnpm, go, cargo, pip, poetry, uv) to set up the runtime environment for testing.
- [PROMPT_INJECTION]: Evaluated the skill for instruction bypass and safety guideline overrides; instructions are focused on structural QA procedures and do not contain malicious injection patterns.
- [PROMPT_INJECTION]: Mandatory Evidence Chain for Indirect Prompt Injection Surface (Category 8):
  - Ingestion points: Repository manifests (`package.json`, `Makefile`, `Cargo.toml`), configuration files (`next.config.js`, `pyproject.toml`), and project documentation.
  - Boundary markers: Absent; the skill directly processes repository content to determine its execution contract.
  - Capability inventory: Shell command execution, file system writes for QA reports, and browser automation via the `agent-browser` tool.
  - Sanitization: The skill identifies and executes existing repository commands rather than interpolating untrusted content into sensitive logic templates.
Audit Metadata