Skills
skills/duc01226/easyplatform/qc-specialist/Gen Agent Trust Hub

qc-specialist

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external project artifacts and pull request content, creating an inherent surface for indirect prompt injection.
  • Ingestion points: The skill reads files and pull request data through the /quality-gate command and Read tool.
  • Boundary markers: No specific delimiters or instructions to disregard embedded instructions within the artifacts are provided.
  • Capability inventory: The skill possesses Write and Bash capabilities to generate reports and execute commands based on its analysis.
  • Sanitization: There are no explicit instructions to sanitize or validate the content of the project artifacts before the agent processes them.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 03:26 PM
Security Audit — agent-trust-hub — qc-specialist