qe-regression-testing
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The GitHub Actions configuration example in SKILL.md references the dorny/paths-filter@v2 action, which is a standard third-party utility for analyzing file changes in CI/CD workflows.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of untrusted external content.
  - Ingestion points: The skill processes external inputs such as pull request metadata and bug descriptions via Task calls (e.g., qe-regression-risk-analyzer and qe-test-generator).
  - Boundary markers: The provided code examples do not demonstrate the use of delimiters or instructions to ignore embedded commands within the ingested data.
  - Capability inventory: The skill coordinates a fleet of agents capable of executing tests (qe-test-executor) and runs shell-based commands such as npm test and npm run test:affected.
  - Sanitization: There is no evidence of input validation or sanitization of the pr and bug data before it is used to influence agent tasks.