tdd
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard software engineering practice (TDD) and does not contain malicious instructions, hidden payloads, or obfuscated content.
- [COMMAND_EXECUTION]: Instructs the agent to execute standard testing commands such as 'pnpm test' and 'uv run pytest'. These commands are appropriate for the stated purpose and are executed within the local project environment.
- [DATA_EXFILTRATION]: No network-bound commands or patterns for exfiltrating sensitive data were identified. The operations are confined to the local project structure.
- [PROMPT_INJECTION]: The skill contains instructional logic for the agent's behavior during code implementation and does not attempt to bypass safety filters or extract system-level prompts.
- [SAFE]: Regarding indirect prompt injection (Category 8), the ingestion points are user-provided feature descriptions or bug reports triggering the skill. While this provides a surface for user-contributed code to be executed via test runners, the skill itself defines a standard and safe methodology for development without introducing exploitable vulnerabilities.
Audit Metadata