tdd
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests configuration data from project files, creating an indirect prompt injection surface. \n
- Ingestion points: Reads the 'tdd' mode from
CLAUDE.mdor.claude/CLAUDE.md. \n - Boundary markers: Lacks specific markers to isolate configuration data. \n
- Capability inventory: Guides code modification and command execution during implementation. \n
- Sanitization: No validation is applied to the ingested configuration values. \n- [SAFE]: No other security concerns, such as malicious code or data exfiltration, were identified.
Audit Metadata