tdd
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by accepting user-provided task descriptions in the $ARGUMENTS parameter. Ingestion points: SKILL.md (via the $ARGUMENTS variable). Boundary markers: Absent. Capability inventory: The skill performs file system writes for code and tests, and executes shell commands via npx (vitest, eslint, tsc) as described in the steps. Sanitization: Absent.
Audit Metadata