qms-audit-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODECOMMAND_EXECUTION
Full Analysis
- [NO_CODE] (SAFE): No script files were provided in the skill package; the referenced Python script (audit_schedule_optimizer.py) is missing.
- [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface through its tool execution. (1) Ingestion points: processes.json file via CLI parameter. (2) Boundary markers: None documented. (3) Capability inventory: Local Python execution. (4) Sanitization: No validation or sanitization of input data is described.
- [COMMAND_EXECUTION] (SAFE): The skill documents the execution of a local Python script for its primary functionality, which is a standard use case for this type of agent.
Audit Metadata