twd
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'twd-js' and 'twd-relay' packages from the NPM registry. These packages are verified vendor resources belonging to the author, BRIKEV.
- [COMMAND_EXECUTION]: The skill uses Bash to perform 'npm install' and 'npx' commands, which are required to set up the test environment and run the test relay. This is consistent with the skill's primary purpose.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it ingests and processes project files. \n* Ingestion points: The agent reads 'package.json', '.claude/twd-patterns.md', and various application source files into its context. \n* Boundary markers: The 'SKILL.md' file includes an explicit 'Input boundary' instruction, warning the agent to treat all file content as data and to disregard any embedded text resembling AI instructions. \n* Capability inventory: The skill has the capability to write files and execute Bash commands (npm and npx). \n* Sanitization: There is no programmatic sanitization or filtering of the file contents being processed.
Audit Metadata