tdd-guide
Fail
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): Vulnerable to Indirect Prompt Injection (Category 8) due to untrusted data ingestion combined with code generation capabilities.
  • Ingestion points: Processes user-provided source code and requirements files as described in SKILL.md.
  • Boundary markers: Absent; there are no instructions to use delimiters or to ignore instructions embedded in the user's code.
  • Capability inventory: The skill generates executable test files and manages the TDD workflow through scripts like test_generator.py.
  • Sanitization: Absent; the skill does not include logic for filtering or escaping instructions found in external content.
- [COMMAND_EXECUTION] (MEDIUM): The skill documentation explicitly directs the agent to execute multiple Python scripts (e.g., scripts/test_generator.py, scripts/tdd_workflow.py) that are entirely missing from the file set. This creates a risk where the agent might attempt to find or create these scripts from unverified sources to fulfill its advertised capabilities.
Recommendations
- AI detected serious security threats
Audit Metadata