skills/parhumm/jaan-to/qa-test-cases/Gen Agent Trust Hub

qa-test-cases

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill operates within its intended functional scope.
  • [COMMAND_EXECUTION]: The skill executes local shell scripts (id-generator.sh and index-updater.sh) to handle internal state management, such as generating unique test IDs and updating the project index. These scripts are part of the platform's internal infrastructure.
  • [PROMPT_INJECTION]: The skill processes untrusted user-provided requirements and PRD files, which presents a surface for indirect prompt injection.
    1. Ingestion points: Acceptance criteria provided via arguments or extracted from files using the Read tool.
    2. Boundary markers: The skill implements a distinct Analysis phase and generates a preview of extracted criteria for user verification.
    3. Capability inventory: The skill can write to specific output directories, edit designated configuration fields, and run internal indexing scripts.
    4. Sanitization: A mandatory 'HARD STOP' requires explicit human approval of the test plan before any generation or file writing occurs.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 06:20 PM