qa-project-context
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface area for indirect prompt injection (Category 8).
- Ingestion points: The agent reads various local project configuration files (e.g.,
package.json,next.config.*,requirements.txt) and captures interactive user input to populate the.agents/qa-project-context.mdfile. - Boundary markers: The instructions do not define boundary markers or 'ignore' delimiters for the data read from external project files.
- Capability inventory: The skill performs file system read/write operations to create directories and manage the context file within the project root.
- Sanitization: There is no mention of sanitization or validation of the content extracted from project files before it is interpolated into the context document, which could lead to downstream agents being influenced by malicious content embedded in those files.
Audit Metadata