release-testing-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: Multiple Python scripts in the scripts/ directory, such as batch_convert_templates.py and the various convert_to_*.py wrappers, use subprocess.call to execute the internal convert_formats.py or parse_formats.py scripts for file format transformation.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection (Category 8) because it processes untrusted user-provided requirements and data to generate structured testing output.
  • Ingestion points: Files in the prompts/ directory (e.g., requirements-analysis.md, functional-testing.md, and test-strategy.md) direct the agent to incorporate user-supplied product specifications and requirements into its analysis.
  • Boundary markers: The templates lack explicit delimiters (e.g., triple-quotes or XML tags) or specific warnings to the agent to ignore instructions embedded within the user data.
  • Capability inventory: The skill's bundled scripts in the scripts/ folder provide the capability to write various file formats (JSON, CSV, MD) to the local filesystem and spawn subprocesses.
  • Sanitization: There is no evidence of automated sanitization or filtering of the user-provided requirements before they are interpolated into the system prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 01:04 PM