qa-metrics
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is entirely descriptive and instructional. It provides frameworks, formulas, and strategic advice for QA metrics without implementing any automated actions, shell commands, or scripts.
- [NO_CODE]: There are no executable files, Python scripts, Node.js modules, or binary payloads included with this skill, which eliminates the possibility of direct code execution or privilege escalation.
- [SAFE]: No external downloads, package installations, or remote code execution patterns were detected. The mentions of tools like Istanbul, Datadog, or Grafana are purely for documentation and architectural recommendation.
- [SAFE]: The skill does not perform any network operations or access sensitive system configuration files. It references a local context file (
.agents/qa-project-context.md), which is standard for AI agent documentation and does not pose a data exfiltration risk. - [SAFE]: Metadata is consistent with the provided author context and the stated purpose of the skill.
Audit Metadata