qa-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill is configured with the
Bashtool, allowing the agent to perform technical verification tasks such as log inspection and test script execution. This is consistent with the defined QA Engineer role. - [PROMPT_INJECTION]: The agent is instructed to ingest data from external sources such as application logs, requirements documents, and user-provided acceptance criteria. This represents an indirect prompt injection surface. However, the use of structured templates and specialized QA workflows mitigates the risk of the agent deviating from its primary role.
- [SAFE]: All referenced testing tools (e.g., pytest, k6, Locust, JUnit) and frameworks are well-known industry standards. No instructions for downloading software from untrusted or unknown sources were identified.
Audit Metadata