qe-agentic-quality-engineering
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external, untrusted data from pull request diffs (represented by the `prDiff` variable) to drive automated tasks like test generation and risk analysis. This creates a surface for indirect prompt injection where malicious instructions embedded in a pull request could attempt to influence the agent's behavior.
  - Ingestion points: Pull request content (`prDiff`) processed in `SKILL.md` by agents such as `qe-test-generator` and `qe-regression-risk-analyzer`.
  - Boundary markers: The instructions do not provide explicit delimiters or "ignore instructions" warnings when passing diff content to the agents.
  - Capability inventory: The system has capabilities for spawning sub-agents, generating code/tests, executing tests, and persisting data to a local SQLite database (`.agentic-qe/memory.db`).
  - Sanitization: No explicit sanitization, validation, or escaping of the input diff content is mentioned in the skill's instructions.
Audit Metadata