beck-test-driven-development
Fail
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The primary header in 'SKILL.md' contains a sequence of zero-width characters (U+200B, U+200C, U+200D) that decode to a hidden URL. This allows the skill to signal external services without the URL being visible in plain text.
- [PROMPT_INJECTION]: The use of multi-layer character obfuscation (zero-width encoding) within instruction files is a high-risk indicator of intent to smuggle commands or bypass LLM safety guardrails that would otherwise trigger on visible text patterns.
Recommendations
- AI detected serious security threats
Audit Metadata