qe-test-execution

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection.
    • Ingestion points: Data enters the agent context via Pull Request analysis (e.g., PR #123) and the inspection of test files within the repository (SKILL.md).
    • Boundary markers: The provided task templates do not implement explicit boundary markers or instructions to disregard embedded commands in the analyzed data.
    • Capability inventory: The skill possesses the capability to execute system commands via the aqe CLI tool (SKILL.md).
    • Sanitization: There is no evidence of sanitization, escaping, or validation of the untrusted PR descriptions or file content before processing.
  • [COMMAND_EXECUTION]: The skill orchestrates the execution of the aqe CLI tool for running test suites. This involves constructing and executing shell commands with various flags such as --parallel, --workers, and --shard.
  • [EXTERNAL_DOWNLOADS]: The CI/CD integration example utilizes well-known GitHub Actions (actions/checkout and actions/upload-artifact), which are considered trusted sources.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 12:43 AM