qa-expert

skills-sh:daymade_claude-code-skills__qa-expert

C
Score: 60/100
First Seen: Feb 18, 2026
Last Scanned: Feb 20, 2026
Findings: 2

CRITICAL 1
HIGH 1

Findings (2)

CRITICAL
Fake system prompt
L180

Detects content pretending to be a system prompt

master prompt:

FIX: Remove encoded or obfuscated directives (base64, ROT13, unicode escapes, hex-encoded text). All text should be in plaintext and human-readable.

FP? Likely FP if the encoded content is legitimate data (e.g., a base64-encoded image, a hex-encoded binary hash) rather than concealed directives.

HIGH
Autonomous agent spawning
L3

Detects autonomous sub-agent or cron-based execution without human oversight

autonomous execution + autonomous

FIX: Remove directives that force the agent to call specific tools or APIs not required for the skill's stated functionality. Tool calls should be determined by user intent, not embedded directives.

FP? Likely FP if the skill legitimately needs to call other tools as part of its workflow (e.g., a deployment skill that calls git and cloud CLI tools).