tdd
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes a test runner wrapper (`scripts/run_tests.sh`) to execute framework-specific test commands. As a TDD tool, this capability is intended; however, it provides a surface for executing any code generated by the sub-agents or specified in the test command.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests external project data to inform its agents.
  - Ingestion points: The orchestrator reads `README.md`, `API.md`, and source code files using `scripts/extract_api.sh` and `scripts/discover_docs.sh`.
  - Boundary markers: Data is isolated using markdown headers (e.g., `## Project documentation`) in the agent prompts, but there are no explicit instructions to ignore embedded commands within that data.
  - Capability inventory: The agents have the capability to write/overwrite source files and execute shell commands via the orchestrator.
  - Sanitization: There is no evidence of sanitization for docstrings or documentation content before they are included in the prompt context.