shift-left-testing
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill's documentation, schemas, and evaluation configurations confirms it is a legitimate resource for quality engineering. No malicious patterns, such as prompt injection, data exfiltration, or unauthorized command execution, were found. All code snippets are illustrative and serve educational purposes for testing methodologies.
- [INDIRECT_PROMPT_INJECTION]: The skill defines workflows for processing external data like requirements and code changes, which presents an indirect injection surface. 1. Ingestion points: 'userStories' and 'prFiles' parameters in agent tasks. 2. Boundary markers: Not explicitly defined in the provided orchestration hints. 3. Capability inventory: Orchestration of specialized testing agents (qe-test-generator, qe-requirements-validator) with test generation capabilities. 4. Sanitization: No explicit sanitization or filtering is described. This surface is inherent to the skill's purpose and is assessed as safe in this context.
Audit Metadata