skills/duc01226/easyplatform/tdd-spec/Gen Agent Trust Hub

tdd-spec

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill uses strong directives like "MANDATORY IMPORTANT MUST" to enforce task management and evidence-based reasoning. These instructions are operational guardrails for the agent's workflow and do not attempt to override core safety protocols.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill reads project source code and Product Backlog Items (PBIs) to extract test requirements. It does not target sensitive system credentials (~/.ssh, ~/.aws) or hardcoded secrets, and no network operations to non-whitelisted domains were found.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes the Bash tool for local code investigation, such as searching for service implementation patterns using grep. These actions are limited to static analysis of the local codebase and do not involve downloading or executing external scripts.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from PBIs and source code, creating a surface for indirect prompt injection.
    • Ingestion points: Product Backlog Items in team-artifacts/pbis/ and source code files in src/Services/.
    • Boundary markers: No explicit delimiters are defined for the ingested data.
    • Capability inventory: The skill can modify documentation files (Write, Edit) and has access to the shell (Bash).
    • Sanitization: The risk is addressed by the mandatory interactive review step using AskUserQuestion, which requires the user to approve the generated test cases before any file modifications occur.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 11:10 AM