test-driven-development

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Command Execution] (LOW): The skill instructs the agent to execute shell commands such as npm test to verify code changes. While these are standard developer actions, they involve local process execution based on generated content.
  • [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted user data (feature requests and bug descriptions). It lacks explicit boundary markers or sanitization logic to prevent malicious instructions embedded in those descriptions from influencing the agent's behavior during code generation.
  • Ingestion points: Processes feature requests and bugfixes as described in SKILL.md.
  • Boundary markers: Absent; the instructions do not specify using delimiters for user input.
  • Capability inventory: Shell command execution (npm test) as seen in SKILL.md.
  • Sanitization: Absent; no escaping or validation of user-provided feature descriptions is mentioned.
  • [Prompt Injection] (SAFE): The instructions use strong imperative language (e.g., "The Iron Law") to enforce the TDD methodology. However, these are internal process controls and do not attempt to bypass the AI's core safety filters or extract system prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 04:38 AM