Skills
skills/sien75/graphicode-skills/graphicode-qa-tester/Gen Agent Trust Hub

graphicode-qa-tester

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands for reading files (cat) and running tests. The specific test command (e.g., vitest or bun test) is retrieved from a project configuration file (graphig.md), which is a standard functional requirement for development-oriented agents.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it is instructed to ingest and process data from external module READMEs and YAML flow specifications. However, the skill does not contain any malicious instructions or attempts to override agent safety protocols.
  • [EXTERNAL_DOWNLOADS]: The skill documentation references standard testing frameworks and environments such as Bun, Vitest, and Jest. No unauthorized remote downloads or unverified script executions were identified in the analyzed content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 06:34 AM
Security Audit — agent-trust-hub — graphicode-qa-tester