Skills
skills/finos/morphir-dotnet/qa-tester/Gen Agent Trust Hub

qa-tester

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of local build and test commands including ./build.sh (targets like Compile, Test, PackAll) and dotnet CLI operations (test, tool install, fsi).
  • [EXTERNAL_DOWNLOADS]: The skill's F# scripts utilize NuGet for package management, specifically referencing the well-known Spectre.Console library for terminal output formatting.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it is designed to ingest and act upon data from pull requests, issues, and comments; however, this is inherent to its purpose as a QA tool and it includes no instructions to bypass safety guardrails.
  • [REMOTE_CODE_EXECUTION]: While the skill executes F# scripts (.fsx), these are local files provided within the skill's own directory structure and are used for project-specific automation tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:44 PM