test-driven
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses natural instructional language to guide the AI's behavior. The use of headers like 'CRITICAL: Document-Driven Testing' serves as an importance marker for the development workflow rather than an attempt to bypass system safety guidelines.
- [CREDENTIALS_UNSAFE]: Code examples for API and database tests use mock credentials such as 'SecurePass123!' and 'test'. These are standard documentation placeholders and do not represent the exposure of real secrets.
- [EXTERNAL_DOWNLOADS]: The skill references well-known and trusted packages from the NPM and PyPI registries (e.g., Jest, Vitest, Pytest, Prisma). It also references official MCP servers from Anthropic, which are considered trusted sources.
- [COMMAND_EXECUTION]: Documentation includes standard CLI commands for running test suites (e.g., 'npm test', 'npm run test:e2e'). These commands are typical for development environments and are intended for local execution by the user or the agent in a controlled testing context.
- [DATA_EXFILTRATION]: There are no patterns suggesting data exfiltration. Network operations described in the integration testing guides are limited to interacting with local test databases or mocking external APIs using tools like MSW and Nock.
Audit Metadata