qmd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill reads content from local markdown files into the LLM context window, which could contain adversarial instructions. * Ingestion points:
qmd query,qmd search, andqmd getcommands inSKILL.md. * Boundary markers: Absent; no specific delimiters or 'ignore' instructions are provided to isolate search results. * Capability inventory: UsesBashfor command execution andReadfor file access. * Sanitization: Absent; the skill does not filter or sanitize retrieved file content.
Audit Metadata