sprint-testing-workflow

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes multiple Python scripts that utilize subprocess.call to execute other scripts within the local directory.
      • Evidence: scripts/convert_to_csv.py, scripts/parse_excel.py, and scripts/batch_convert_templates.py use sys.executable to run convert_formats.py or parse_formats.py.
      • These scripts chain local execution to handle file parsing and format conversion (e.g., Markdown to CSV/JSON).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is specifically designed to ingest and analyze untrusted external data such as user requirements and API documentation.
      • Ingestion points: prompts/requirements-analysis.md and prompts/api-testing.md explicitly instruct the agent to read and analyze external docs, stories, and design notes.
      • Boundary markers: The prompts do not implement delimiters or specific instructions to disregard potentially malicious commands embedded within the analyzed documents.
      • Capability inventory: The agent has access to local scripts in the scripts/ folder that can read from and write to the local filesystem.
      • Sanitization: No evidence of input sanitization or validation of the ingested data was found in the prompt instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 09:00 AM