test-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs authoritative language and behavioral overrides, such as the "Iron Law" and "MANDATORY" requirements, to steer the agent's logic. It includes a "Red Flags" section that instructs the agent to "STOP and Start Over" when specific process violations are detected, which acts as an instruction-level override for the agent's current task.\n- [PROMPT_INJECTION]: The "Delete means delete" instruction in SKILL.md is a destructive behavioral command that requires the agent to delete production code if it was not preceded by a failing test. This poses a risk of significant data loss or disruption if the agent misinterprets the state of the project or is coerced into this logic by malicious inputs.\n- [COMMAND_EXECUTION]: The skill directs the agent to execute the
npm testcommand. While a standard development practice, this involves the execution of code within the local environment.
Audit Metadata