tdd-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious code, obfuscation, or hardcoded credentials were detected in the skill content.
- [COMMAND_EXECUTION]: The skill documents the use of standard development commands such as
npm testandnpm run test:coverage. These are typical for software engineering workflows and do not pose a security risk in this context. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it generates tests based on user-provided 'User Journeys'.
- Ingestion points: User input described in 'Step 1: Write User Journeys'.
- Boundary markers: None identified.
- Capability inventory: Execution of tests via
npm test. - Sanitization: None specified for the user-provided journey text.
Audit Metadata