qa-acceptance

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill contains hardcoded credentials within its configuration examples and scripts. Specifically, the password 'Test1234!' is hardcoded for the test admin account 'admin@test.local' in the .env.test sections of SKILL.md and CONTEXT.md. While these are intended for local mock environments, hardcoding passwords is a poor security practice.
  • [COMMAND_EXECUTION]: The skill documentation includes instructions and scripts for executing shell commands to initialize and clean up test data. Evidence includes 'npm run db:seed' and 'npm run db:cleanup' in the SKILL.md file. This provides a mechanism for local command execution.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted external data.
      • Ingestion points: Reads 'acceptanceCriteria' from Planner task cards and PR descriptions from developers (SKILL.md).
      • Boundary markers: No delimiters or instructions to ignore embedded commands are present in the processing logic.
      • Capability inventory: The skill can execute shell commands via npm, perform browser automation via Playwright, and make arbitrary network requests via Supertest and k6.
      • Sanitization: No input validation or escaping mechanisms are described before data is interpolated into test execution scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 08:42 PM