qa-feedback
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to perform automated QA on creative assets. It operates within a restricted execution environment using a predefined set of tools and does not attempt to bypass safety constraints or perform unauthorized actions.
- [DATA_EXPOSURE]: The skill accesses local configuration files (
motion-creative.config.md) and references content from sibling skills within the plugin directory to establish brand context and methodology. These operations are aligned with the skill's intended purpose and do not target sensitive system files or credentials. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external sources, such as creative transcripts and user-supplied briefs, which could theoretically contain malicious instructions.
- Ingestion points: Untrusted data enters the context via the
$ARGUMENTSvariable (asset descriptions, URLs, and briefs) and themcp__motion__get_creative_transcripttool. - Boundary markers: The instructions do not define explicit delimiters or headers to isolate untrusted content from the system instructions.
- Capability inventory: The skill is limited to read-only tool calls and lacks capabilities for command execution, file modification, or outbound network requests to arbitrary domains.
- Sanitization: There is no evidence of specific sanitization or filtering applied to external content before processing.
- [COMMAND_EXECUTION]: The skill does not contain any shell commands, subprocess invocations, or scripts that execute dynamic code.
Audit Metadata