test-driven-development
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- PROMPT_INJECTION (SAFE): The skill uses assertive and restrictive language (e.g., 'The Iron Law', 'No exceptions', 'Delete means delete') to enforce a specific software development workflow. This is instructional behavior and does not target the agent's safety filters or attempt to override system-level instructions.
- COMMAND_EXECUTION (SAFE): The skill references the use of
npm testto verify software behavior. This is a standard development command used within its intended context. There are no patterns suggesting the execution of arbitrary or obfuscated strings. - INDIRECT_PROMPT_INJECTION (SAFE): While the skill is intended to process user-provided code and requirements, it functions as a behavioral guide for the agent rather than an automated data-processing tool. It does not introduce new vulnerability surfaces for code execution beyond the agent's existing capabilities for software development.
Audit Metadata