superpowers-tdd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of natural language instructions in a Markdown file. No scripts, configuration files, or binaries are included.
- [PROMPT_INJECTION] (SAFE): Evaluation of indirect prompt injection surface.
- Ingestion points: Workspace source code and test files processed by the agent.
- Boundary markers: Not specified in the skill body.
- Capability inventory: Directs the agent to execute shell commands for running test suites and linters.
- Sanitization: No sanitization or validation of the ingested code content is specified.
- Context: The risk is inherent to the development task and not introduced by malicious instructions within the skill; the TDD process itself is standard and safe.
- [SAFE] (SAFE): No malicious patterns such as direct prompt injection, data exfiltration, or obfuscation were detected. The instructions follow software engineering best practices.
Audit Metadata