tdd-guide
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (NO_CODE, PROMPT_INJECTION)
Full Analysis
- [NO_CODE] (LOW): The skill contains no executable scripts (Python, JavaScript, Shell, etc.). The files consist entirely of documentation, sample inputs, and expected output schemas.
- [PROMPT_INJECTION] (MEDIUM): High susceptibility to Indirect Prompt Injection (Category 8) due to its core function of processing untrusted external content.
  - Ingestion points: Untrusted data enters the agent context through the source_code, requirements, and coverage_report inputs across all sample files and usage examples.
  - Boundary markers: There are no explicit delimiters or boundary markers shown in the documentation or input schemas to separate user-provided code from system instructions, increasing the risk that the agent may follow instructions embedded within the source code.
  - Capability inventory: The documentation mentions a /test command and test generation, indicating the agent has the capability to write and potentially execute code based on the analyzed inputs.
  - Sanitization: There is no evidence of sanitization, escaping, or schema validation for the source_code or requirements fields before they are processed by the LLM.