ac-tdd-runner
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [Command Execution] (MEDIUM): The skill executes tests using 'pytest', which involves running generated Python code in a subprocess. Any vulnerability in the code generation logic could lead to arbitrary command execution on the host system.
- [Remote Code Execution] (MEDIUM): The skill is designed to generate implementation and test files at runtime and then execute them. This dynamic execution of code created from potentially untrusted 'feature' descriptions is a significant security risk.
- [Indirect Prompt Injection] (LOW): The skill processes 'feature' data which enters the agent context and drives code generation. Maliciously crafted feature descriptions could lead to the generation of harmful code. Evidence Chain:
  1. Ingestion points: 'feature' parameter in run_cycle, red_phase, and green_phase in SKILL.md.
  2. Boundary markers: Absent; there are no delimiters or warnings to ignore instructions inside the feature data.
  3. Capability inventory: Subprocess calls for 'pytest' and file-write operations for test and code files (implied in the RED/GREEN phase descriptions).
  4. Sanitization: Absent; no validation or escaping of the 'feature' input is mentioned.
Audit Metadata