qa
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions are focused on legitimate QA activities. It uses standard codebase exploration and GitHub CLI tools to perform its tasks.
- [COMMAND_EXECUTION]: The skill uses the 'gh issue create' command to automate the creation of GitHub issues. The instructions specify providing numbered steps and domain-specific context in the issue body.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill reads local project files, such as 'UBIQUITOUS_LANGUAGE.md', to ensure alignment with the project's terminology. This information is used to improve the quality of filed issues.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user bug reports to generate GitHub issues. 1. Ingestion points: User bug descriptions (SKILL.md). 2. Boundary markers: The skill uses structured Markdown templates for issue creation. 3. Capability inventory: Codebase exploration via sub-agents and issue creation via 'gh issue create'. 4. Sanitization: No specific sanitization or escaping of user input is implemented before interpolation into issue templates.
Audit Metadata