evidence-collector
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local shell script named
./qa-playwright-capture.shand standard shell utilities such asls,grep, andcatto verify the codebase and capture visual evidence. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and processes the content of various files (HTML, CSS, Blade templates) and JSON test results from the local environment to perform its analysis. These files could potentially contain malicious instructions intended to influence the agent's behavior.
- Ingestion points:
resources/views/,*.html,*.css,*.blade.php, andpublic/qa-screenshots/test-results.json. - Boundary markers: None identified; the agent reads raw file content.
- Capability inventory: Access to
bash,git, and file system operations. - Sanitization: No explicit sanitization or validation of the ingested file content is performed before processing.
Audit Metadata