drill-tdd
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses directive language such as 'The Iron Law' and 'Delete means delete' to ensure the agent adheres to the TDD methodology. These instructions are specific to the development process and do not attempt to override system safety guidelines or extract sensitive information.
- [COMMAND_EXECUTION]: The skill mentions executing standard local testing commands like 'npm test' as part of the verification process. This is appropriate for a software development skill and does not involve unauthorized command injection or privilege escalation.
- [DATA_EXFILTRATION]: There is no evidence of the skill attempting to access sensitive files (such as .env or SSH keys) or transmit data to external servers.
- [REMOTE_CODE_EXECUTION]: No patterns of remote script downloading or execution were found; the skill focus is entirely on local code implementation and testing.
Audit Metadata