quality-detect-regressions
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local script located at
./scripts/check_all.sh. This is the intended behavior for gathering test results, coverage, and linting data. - [DATA_EXFILTRATION]: Includes a hardcoded absolute file path
/Users/dawiddutoit/projects/play/project-watch-mcpin the instructions. This path belongs to the vendor's environment and is used to set the working directory for quality checks, involving no external data transmission. - [PROMPT_INJECTION]: The skill ingests data from local script outputs which represents a potential indirect prompt injection surface. This is assessed as low risk due to the specific and limited parsing of numerical quality metrics.
Audit Metadata