Skills
skills/proffesor-for-testing/agentic-qe/risk-based-testing/Gen Agent Trust Hub

risk-based-testing

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its ingestion of untrusted external data sources used to drive decision-making.
  • Ingestion points: The skill ingests and processes codeChanges, historicalBugs, and production-incident data to calculate risk scores and predict testing depth within the ML-Enhanced Risk Analysis and Reassess Dynamically sections of SKILL.md.
  • Boundary markers: No explicit delimiters, boundary markers, or specific instructions to ignore embedded commands are present in the task templates where this external data is interpolated.
  • Capability inventory: The skill is granted capabilities to trigger automated test generation via qe-test-generator, coordinate agent fleets, and update internal risk assessment states based on the results of the ingested data.
  • Sanitization: Lacks evidence of input validation, sanitization, or content filtering for the data ingested from bug databases or code change descriptions before it is used for risk prediction.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 07:27 AM