qa-personality-builder
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the creation of other skills that use Bash for operational tasks like HMAC-SHA256 signature generation via openssl. This is used to simulate authentic webhook payloads for Slack and Stripe.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it takes arbitrary user input for 'Test Scenarios' and 'Specialty' and embeds them into newly generated skill files.
  1. Ingestion points: User responses to guided questions in SKILL.md (Mode A).
  2. Boundary markers: The generation process follows the structured template defined in rules/std-structure.md.
  3. Capability inventory: The generated skills can utilize Bash, WebFetch, and Read tools.
  4. Sanitization: Content is interpolated into markdown templates without explicit sanitization beyond the structural rules.
- [SAFE]: The use of well-known service references (Slack, Stripe) and standard configuration patterns (env.qa) follows development best practices.