qm
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to run verification and discovery commands as part of a testing workflow. These commands are intended to be configured within the repository's durable artifacts and are part of the primary function of the role.
- [PROMPT_INJECTION]: The skill manages an 'Indirect Prompt Injection' surface by reading repository files (e.g., Gherkin specs). However, it implements a 'context firewall' and explicit boundaries that instruct the agent to ignore chat-based intent and focus solely on durable, source-controlled specifications.
- [DATA_EXFILTRATION]: No network operations or sensitive file access patterns were detected. The skill explicitly marks certain directories (like
assets/**) as read-only.
Audit Metadata