test-reporting-analytics
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill possesses an attack surface where untrusted external content enters the agent's context and influences decision-making capabilities.
- Ingestion points: The 'prDiff' variable used in the 'Predict Failures' task in SKILL.md.
- Boundary markers: No explicit delimiters or boundary instructions are provided to the agent when processing the untrusted PR diff data.
- Capability inventory: The skill utilizes the 'qe-quality-gate' agent to perform environment-specific threshold validation and gates deployment readiness.
- Sanitization: There is no evidence of data sanitization, filtering, or schema validation for the ingested 'prDiff' content.
Audit Metadata