usability-tester
Warn
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the agent to recommend the installation of the 'quality-auditor' skill from the 'oakoss/agent-skills' GitHub repository using 'pnpm dlx'. The 'oakoss' organization is not on the trusted list, making this an unverifiable dependency recommendation that leads to the download and installation of external code. Evidence: Found in the Delegation section of
SKILL.mdas a recommendation to runpnpm dlx skills add oakoss/agent-skills -s quality-auditor -a claude-code -y. \n- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface as it is designed to ingest and analyze untrusted user feedback, participant quotes, and task-based data. \n - Ingestion points:
references/conducting-tests.md(participant quotes, verbal cues) andreferences/test-planning.md(task scenarios). \n - Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore embedded instructions within the processed data. \n
- Capability inventory: The skill has the capability to recommend shell-based installation of additional external skills. \n
- Sanitization: Absent; no validation or filtering of user-provided content is defined.
Audit Metadata