skills/ecology9191/skills/to-qa/Gen Agent Trust Hub

to-qa

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Executes the bd (Beads) command-line tool to retrieve status and details for child issues within the repository.
  • [PROMPT_INJECTION]: Ingests documentation, tracker files, and external CLI output which could theoretically contain malicious instructions.
  • Ingestion points: Reads docs/agents/issue-tracker.md, .scratch tracker files, git commit messages, and output from the bd CLI tool.
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or 'ignore' warnings for the data being processed.
  • Capability inventory: Invokes MCP tools qa-to-do.run_to_qa_parent and qa-to-do.qa_session_create, and executes local shell commands via the bd tool.
  • Sanitization: Data from external sources is used directly to generate checklist items without explicit sanitization or content validation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 10:47 AM
Security Audit — agent-trust-hub — to-qa