quality-manager-qms-iso13485
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): Analysis of the markdown and placeholder scripts found no evidence of malicious patterns, data exfiltration, or command execution.
- [NO_CODE] (SAFE): The SKILL.md references several scripts in the scripts/ directory that are absent from the provided file set. This is considered a best-practice violation rather than a security threat.
- [Indirect Prompt Injection] (SAFE): The skill defines a surface for processing external quality data like complaints and audit reports. This is inherent to the QMS role. Evidence Chain: (1) Ingestion points: Customer feedback and audit results in SKILL.md; (2) Boundary markers: Absent; (3) Capability inventory: Mentions metrics dashboard and audit scripts; (4) Sanitization: Absent.
Audit Metadata