qlty-check
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill documentation requires the qlty CLI from 'https://github.com/qltysh/qlty'. This organization and repository are not on the pre-approved trusted list, meaning the tool's behavior is unverifiable and could be malicious.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
  1. Ingestion points: The skill analyzes project source code using the 'Read' tool.
  2. Boundary markers: There are no explicit instructions or delimiters used to ensure the agent ignores malicious prompts embedded in code comments or documentation.
  3. Capability inventory: The agent has access to 'Bash' and 'Read' tools, which could be exploited to read sensitive files or execute commands if a malicious prompt is ingested.
  4. Sanitization: The skill does not describe any sanitization or validation of the code content before analysis.
Audit Metadata