test-driven-development

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): The skill uses imperative language to enforce TDD principles (e.g., "MANDATORY", "No exceptions"). This language is contextual to the pedagogical purpose of the skill and does not attempt to override the AI's core safety instructions or extract system prompts.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network requests were detected. Examples use mock data or local structures.
  • Obfuscation (SAFE): The content is clear and uses standard Markdown and Mermaid formatting. No Base64, zero-width characters, or homoglyphs were found.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard local commands like npm test for running test suites. It does not attempt to download or execute remote scripts or install untrusted packages.
  • Privilege Escalation (SAFE): No commands related to privilege escalation (e.g., sudo, chmod) are present.
  • Persistence Mechanisms (SAFE): No attempts to modify system configuration files or startup scripts were found.
  • Indirect Prompt Injection (SAFE): While the skill provides a framework for processing code, it does not ingest untrusted data in a way that would trigger secondary instructions or bypass safety boundaries.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 18, 2026, 01:23 PM