qa-expert
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves its stated purpose as a QA strategy tool without any hidden or malicious behaviors.
- [COMMAND_EXECUTION]: The skill includes two Python scripts (
generate_test_plan.pyandcoverage_analysis.py). Both scripts are benign template generators that use standard libraries (pathlib,argparse) to write markdown files to the local filesystem based on user-provided arguments. - [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guidelines was found in the markdown files or metadata.
- [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized network operations were detected. The allowed tools include
WebFetchandWebSearch, but these are standard for research-oriented skills. - [EXTERNAL_DOWNLOADS]: While the documentation mentions standard development commands like
npm auditandnpm install, the skill itself does not perform any automated external downloads or remote code execution.
Audit Metadata