qa-agent
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill defines a legitimate persona for auditing codebases for security, performance, and accessibility. All identified resources and instructions align with standard QA practices and do not exhibit malicious intent.\n- [COMMAND_EXECUTION]: The skill correctly identifies and uses standard security tools such as
npm audit,bandit, andlighthousefor static and dynamic analysis. These are used as intended for their primary security purpose within the defined execution protocols.\n- [DATA_EXFILTRATION]: While the skill includes instructions to search for sensitive data like passwords or secrets during audits, this is a core function of a security tool. There is no evidence of unauthorized exfiltration or network activity targeting untrusted domains.
Audit Metadata