bdd
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and workflow assistant for BDD, guiding users through the Given-When-Then format. No unauthorized commands or prompt injection patterns were found.
- [SAFE]: File system access is appropriately limited via the allowed-tools frontmatter (Read, Write, Grep, Glob), which are necessary for the skill's primary purpose of managing feature files.
- [SAFE]: External references point to well-known developer documentation (Cucumber.io) and the author's official GitHub repository (AsiaOstrich/universal-dev-standards), which are considered trusted within the context of this project.
- [SAFE]: Code examples provided (TypeScript/Cucumber.js) follow best practices and do not contain any suspicious logic or hidden payloads.
- [SAFE]: The skill includes an inherent surface for Indirect Prompt Injection as it processes user-provided specifications and feature files. However, this is expected behavior for a developer assistant and is mitigated by the restricted toolset provided to the agent.
Audit Metadata