tdd
Fail
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill creates a high-privilege attack surface by processing external content.
  1. Ingestion points: User-provided feature requests (SKILL.md).
  2. Boundary markers: Absent; there are no instructions to delimit or ignore embedded commands in feature requests.
  3. Capability inventory: The workflow requires file-writing and test execution capabilities (shell/subprocess).
  4. Sanitization: Absent; the skill does not define validation for user input before interpolation into the coding cycle.
- SAFE (SAFE): No intentional malicious patterns, obfuscation, hardcoded credentials, or unauthorized network operations were detected in the instructional content.
Recommendations
- AI detected serious security threats
Audit Metadata