qa-tester

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection as it processes external files and executes commands based on their content.
      • Ingestion points: The agent uses Read, Grep, and Glob tools to ingest content from the local codebase (SKILL.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the files being tested are provided.
      • Capability inventory: The agent has the ability to execute shell commands via Bash(npm:*) and modify files using Write and Edit tools (SKILL.md).
      • Sanitization: There is no evidence of sanitization or validation of the ingested code before it is passed to the LLM or executed via test runners.
  • Command Execution (SAFE): The skill requires Bash(npm:*) to perform its primary function of running tests (e.g., npm run test). While powerful, this is restricted to the npm ecosystem and is consistent with the skill's stated purpose as a QA tester.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:42 PM