tdd
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is primarily composed of documentation and guidance content for the TDD workflow. It does not contain executable scripts or malicious logic.
- [NO_CODE]: The skill does not bundle any custom scripts (Python, JavaScript, or Shell). It relies on standard platform tools and user-provided testing frameworks to fulfill its functions.
- [SAFE]: Tool access is strictly scoped in the frontmatter to allow only specific development commands like
npm testandnpx vitest, adhering to the principle of least privilege. - [SAFE]: External references point to legitimate documentation sources and the vendor's official GitHub repository, consistent with the skill's authorship and purpose.
- [SAFE]: The skill identifies user-provided code and requirements as primary inputs. While this represents a surface for processing untrusted data (Indirect Prompt Injection surface), no evidence of unsafe interpolation or malicious boundary-bypassing patterns was found.
Audit Metadata