qa-test
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands including git diff and gh pr view to gather testing context.
- [EXTERNAL_DOWNLOADS]: Retrieves project metadata and Pull Request details from GitHub using official CLI tools like gh.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by ingesting test criteria verbatim from untrusted sources. Evidence Chain:
  - (1) Ingestion points: Pull Request bodies (via gh pr view), GitHub Issues (via gh issue view), and project shape documents.
  - (2) Boundary markers: Absent; ingested text is treated as authoritative criteria without delimiters.
  - (3) Capability inventory: Includes browser manipulation (Chrome MCP), database access (Postgres MCP), and shell command execution.
  - (4) Sanitization: No validation or filtering of external input is performed before interpolation into agent prompts.