qa-gate
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local project scripts (
pnpm test,pnpm check-types,pnpm lint) to validate code quality. This is standard behavior for a quality gate tool and uses the well-known pnpm package manager. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external data such as story files and code changes.
- Ingestion points: Reads documentation from
docs/stories/(Phase 1) and analyzes repository source code during specialist reviews (Phase 3). - Boundary markers: Input content is interpolated into sub-agent prompts (haiku-based reviews) without explicit isolation or instructions to ignore embedded commands.
- Capability inventory: The skill has permissions to write files to the repository (
docs/qa/gates/), modify existing story files, and execute subprocesses viapnpm. - Sanitization: There is no evidence of sanitization, escaping, or filtering of ingested text before it is presented to the AI sub-agents.
Audit Metadata