skills/ggprompts/my-plugins/visual-qa/Gen Agent Trust Hub

visual-qa

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git commands for change detection and mcp-cli to control browser sessions via the tabz MCP server. These operations are aligned with the intended purpose of automating visual QA smoke tests.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with untrusted external data.
      • Ingestion points: Browser console logs are ingested using the tabz_get_console_logs function in SKILL.md.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential AI commands embedded within the logs.
      • Capability inventory: The skill has access to Bash, Read, Grep, and Glob tools, which could be leveraged if an injection is successful.
      • Sanitization: The skill lacks any visible mechanisms to sanitize or escape the content retrieved from the browser before it enters the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 04:34 AM