test-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several shell commands to support the TDD workflow.
  - Runs rg (ripgrep) to discover existing test patterns and files within the repository.
  - Executes cargo test and cargo tarpaulin to verify the implementation and measure code coverage.
  - Uses ralph emit (a vendor-specific tool) to report build and test status.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because of its core functionality.
  - Ingestion points: Reads and parses content from .spec.md and .code-task.md files to extract acceptance criteria.
  - Boundary markers: The instructions do not specify any delimiters, nor any safety guidance telling the agent to ignore instructions embedded within the specification files.
  - Capability inventory: The skill can generate code stubs based on external input and execute them via cargo test, as well as run search and reporting commands.
  - Sanitization: There is no mention of sanitizing or validating the content of the specification files before using them to generate executable code. An attacker could embed malicious instructions in a specification file that the agent might inadvertently follow during the code generation or test execution phases.
Audit Metadata