skills/pedronauck/skills/qa-report/Gen Agent Trust Hub

qa-report

Fail

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: Both scripts/create_bug_report.sh and scripts/generate_test_cases.sh utilize a prompt_input function that performs dynamic variable assignment using eval on unvalidated input. This pattern is inherently unsafe as it allows shell metacharacters to trigger arbitrary command execution.
  • [REMOTE_CODE_EXECUTION]: The skill instructions in SKILL.md direct the AI agent to execute shell scripts to generate reports. Since these scripts are vulnerable to command injection and the agent may populate them with data sourced from external environments (such as Figma designs via the Figma MCP), this creates a significant risk of arbitrary code execution.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface.
    • Ingestion points: User request strings and external design specifications from Figma (referenced in SKILL.md and references/figma_validation.md).
    • Boundary markers: None identified.
    • Capability inventory: Subprocess execution of internal shell scripts that contain command injection vulnerabilities.
    • Sanitization: Absent; the shell scripts do not sanitize or escape input prior to evaluation.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 17, 2026, 12:02 AM