tdd

Warn

Audited by Socket on Feb 23, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Skill instructions include directives to hide actions from user

All findings:

[HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3]

[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

The analyzed fragment is a coherent, purpose-aligned TDD orchestration specification, with no evident malware or credential-harvesting behavior. It remains high-risk in terms of repository modification and environment manipulation, necessitating strong safeguards (dry-run, access controls, auditing) before deployment in real projects.

LLM verification: The skill is purpose-aligned and largely coherent with its claimed TDD orchestration role. However, there are notable concerns: reliance on local, non-public script sources; a static pattern indicating credential-file access within the skill documentation; and potential exposure of local environment configurations. These raise security-supply-chain concerns that warrant caution. Overall, the footprint is suspicious rather than malicious, due to credential-access hints and non-pinned distribution

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At: Feb 23, 2026, 06:49 AM
Package URL: pkg:socket/skills-sh/glebis%2Fclaude-skills%2Ftdd%2F@a7afd2d26ff131fc142d52747e6f914e54dad340