test-driven-development
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill grants the agent authority to run shell commands (`npm test`) and perform destructive file operations ("Delete means delete"). These are high-privilege operations that can be abused.
- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill operates on external code and test files. Because the agent is directed to execute these files, an attacker could provide malicious tests that run arbitrary commands.
  1. Ingestion points: codebase files and tests.
  2. Boundary markers: absent.
  3. Capability inventory: execution of npm commands and file system deletion.
  4. Sanitization: absent.
- [PROMPT_INJECTION] (MEDIUM): The skill uses coercive and absolute language (e.g., "No exceptions", "Stop. That is rationalization", "Violating the letter is violating the spirit") to enforce compliance. While focused on methodology, this instructional style mirrors behavioral override techniques.
Recommendations
- AI detected serious security threats
Audit Metadata