qe-testability-scoring
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill triggers shell scripts and Playwright test suites via the command line to perform its assessments.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the Vibium automation tool and references external codebases for its scoring logic.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external URLs.
- Ingestion points: Target URL content and TEST_URL environment variable.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the documentation.
- Capability inventory: Shell script execution and browser automation via Playwright/Vibium.
- Sanitization: The skill does not describe any sanitization of the content retrieved from the target web pages.
Audit Metadata