quality-audit
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and git to manage worktrees, issues, and pull requests throughout the audit cycle.
- [REMOTE_CODE_EXECUTION]: The audit execution relies on external logic defined in amplihack recipes and DEFAULT_WORKFLOW.md, which are used during the analysis and fix phases.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection (Category 8) because it ingests data from an untrusted codebase at target_path. This information is then used to populate GitHub issues and PRs, potentially influencing the agent's behavior during automated remediation steps.
  - Ingestion points: Files within the codebase being audited.
  - Boundary markers: Documentation examples utilize shell heredocs (cat <<'EOF') to separate findings from command logic, which helps mitigate direct shell injection.
  - Capability inventory: Capabilities include file system manipulation, command execution, and network communication via the GitHub CLI.
  - Sanitization: No explicit sanitization or filtering of codebase content is described before it is interpolated into issue and pull request templates.
- [EXTERNAL_DOWNLOADS]: The skill references external vendor-provided resources such as the quality-audit-cycle.yaml recipe and DEFAULT_WORKFLOW.md instructions.
Audit Metadata