check-quality

[Skill Scanner] [Documentation context] Credential file access detected This skill is coherent with its stated purpose (audit quality gates) and does not contain direct malicious code such as downloads, reverse shells, or hardcoded exfiltration endpoints. Primary residual risks are: (1) executing project scripts (pnpm/npm run coverage) which may run arbitrary code from the repo — a supply-chain execution risk if done unsafely; and (2) spawning external analysis agents (security-sentinel, test-strategy-architect) without documenting their permissions or where they send data — those agents could exfiltrate repository contents or secrets depending on their implementation. Also, the gh API call requires a token; callers should ensure least privilege and explicit consent. Overall, this fragment appears benign but has moderate operational risk unless execution and agent policies are restricted. LLM verification: [LLM Escalated] This skill's stated purpose (quality gate audit) aligns with most of its checks, but there are supply-chain and credential risks from two behaviors: invoking repository package scripts (pnpm/npm) which may execute arbitrary code, and spawning other agents (security-sentinel, test-strategy-architect) that are not constrained and may read local .config/credential files and make network calls. The GitHub API usage requires credentials and may cause sensitive tokens to be used by the agent. Overall