qa-expert
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection within its documentation generation scripts. \n- Ingestion points: User-provided strings are ingested via command-line arguments (
--name,--owner,<feature>) passed to the Python scriptsscripts/generate_test_plan.pyandscripts/coverage_analysis.py. \n- Boundary markers: The generated markdown files do not utilize specific delimiters or boundary instructions to isolate user-supplied content from the template structure. \n- Capability inventory: The skill has access to several powerful tools, includingBash,Write,Read, andWebSearch, which could be exploited if malicious instructions embedded in generated documentation are subsequently processed by the agent. \n- Sanitization: The scripts directly interpolate input variables into markdown templates using f-strings andtextwrap.dedentwithout performing any escaping or validation of special characters or markdown syntax.
Audit Metadata