tdd-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns of instruction override or safety bypass were detected. The skill uses natural language to guide the user through TDD phases without attempting to redefine agent constraints.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network requests were found in the skill definition.
- [Remote Code Execution] (SAFE): References to testing commands like
npm testand platform-specific commands are contextually appropriate for a development workflow. No untrusted remote scripts or download-and-execute patterns are present. - [Indirect Prompt Injection] (SAFE): While the skill processes user input to trigger workflows, it acts as a high-level dispatcher to predefined tools. It does not interpolate untrusted data into sensitive execution contexts in a way that bypasses system boundaries.
- [Persistence Mechanisms] (SAFE): No attempts to establish persistence on the host system (e.g., shell profiles, cron jobs) were detected.
Audit Metadata