qa
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local binary located at
~/bin/eldev. This is used to run the project's test suite and report results. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from project documentation files to drive code generation and testing logic. This is a common pattern for QA agents but carries a risk if documentation contains malicious instructions.
- Ingestion points: Requirements and design documents located in
docs/plans/used to extract acceptance criteria. - Boundary markers: None specified for the ingested documentation content.
- Capability inventory: File system read/write access for creating tests and execution of the
eldevbinary. - Sanitization: No explicit sanitization or validation of the documentation content is performed before it is used to influence test generation.
Audit Metadata