The Agent Skills Directory

[SAFE]: No security issues detected. The skill follows best practices for code auditing and provides detailed checklists for security (OWASP Top 10), performance, and accessibility.
[COMMAND_EXECUTION]: The skill utilizes standard, trusted security and performance analysis tools such as npm audit, bandit, and lighthouse to identify vulnerabilities and performance bottlenecks. These tools are executed locally and are industry standard for this task.
[PROMPT_INJECTION]: The skill contains no instructions aimed at overriding agent behavior or bypassing safety filters. All instructions are focused on the task of code review and quality assurance.
[INDIRECT_PROMPT_INJECTION]: While the skill reviews external code and tool outputs, the instructions emphasize accuracy and reproducibility. The risk of indirect injection from processed code is inherent to the QA domain but is mitigated by the skill's structured audit protocol.

qa-agent