test-driven-development

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: LOW
Full Analysis
  • [Command Execution] (LOW): The skill includes instructions to execute npm test as part of the mandatory verification steps in the TDD cycle. While this is standard for development tasks, users should ensure the execution environment is appropriately isolated when the agent is working on code from untrusted external sources.
  • [Prompt Injection] (SAFE): The skill uses strong imperative language and 'Iron Laws' to enforce a specific coding methodology. These instructions are task-specific guardrails and do not attempt to override the underlying system prompts or safety filters of the AI agent.
  • [Indirect Prompt Injection] (LOW): As a development tool that processes and tests code, the skill naturally involves handling external content. However, it does not include features that automatically fetch data from untrusted URLs or APIs, limiting the risk to the code the agent is explicitly tasked with modifying.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 17, 2026, 12:18 AM