Skills
skills/bmad-code-org/bmad-method/bmad-agent-qa/Gen Agent Trust Hub

bmad-agent-qa

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill includes instructions to "not break character until the users dismisses this persona" and mandates that the persona "must carry through and remain active" even when other skills are invoked. This pattern is used to restrict the model's behavior and override standard constraints.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by automatically loading data from project files.
  • Ingestion points: Searches for and loads **/project-context.md (SKILL.md).
  • Boundary markers: Absent. There are no instructions to the agent to treat the content of the loaded file as potentially untrusted or to ignore instructions contained within it.
  • Capability inventory: The skill references the bmad-qa-generate-e2e-tests capability which is used for code generation.
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:51 PM