peach-qa-gate
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to run project-specific tests, linting, and build scripts (e.g.,
bun test,bun run build). These are standard operations for a QA utility. - [DATA_EXFILTRATION]: The skill performs scans for sensitive information such as passwords and local network addresses using Grep. While this is a security-oriented feature of the QA gate, it exposes sensitive data patterns to the agent's context.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it aggregates data from source files.
- Ingestion points: Source code files in the
api/andfront/modules are scanned for specific patterns. - Boundary markers: None; extracted data is directly included in the final report.
- Capability inventory: The agent can execute bash commands and write files to the disk.
- Sanitization: There is no filtering or escaping of content extracted from the codebase before it is presented to the model.
Audit Metadata