grey-haven-tdd-python
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill is a coding assistant that processes and writes files using Bash and MultiEdit. While it has access to powerful tools, this is appropriate for its stated TDD purpose and no malicious intent was found. Evidence: 1. Ingestion points: Read/Glob tools in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Bash, Write, MultiEdit. 4. Sanitization: Standard LLM safety filters.
- Command Execution (SAFE): Access to Bash is explicitly for running pytest and development commands as part of the red-green-refactor cycle.
- Metadata Poisoning (SAFE): All metadata fields correctly describe the skill functions without deceptive content.
Audit Metadata