qa-agent
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill references running commands like
npm audit,bandit, andlighthousefor security and performance auditing. These are standard industry tools for QA and security analysis. - [PROMPT_INJECTION] (SAFE): There are no attempts to override agent behavior or bypass safety filters. The instructions focus on improving the accuracy of security audits and preventing false positives.
- [DATA_EXFILTRATION] (SAFE): The skill does not access sensitive local paths or perform network requests to untrusted domains. It focuses on local code analysis.
- [EXTERNAL_DOWNLOADS] (SAFE): No external downloads or remote script executions are present.
- [REMOTE_CODE_EXECUTION] (SAFE): No patterns for dynamic code execution (eval, exec) using external or untrusted data were found.
Audit Metadata