test-driven-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- Prompt Injection (LOW): The skill employs strong imperative directives such as 'The Iron Law', 'No exceptions', and 'Delete means delete'. These are designed to override the agent's typical behavior and decision-making regarding code retention. While appropriate for advocating TDD, such patterns overlap with behavioral steering techniques.
- Indirect Prompt Injection (LOW): The workflow requires executing npm test, which creates a surface for indirect prompt injection. A malicious user could provide input that leads the agent to generate and execute harmful test code.
  - Ingestion points: User-provided feature descriptions and bug reports (as implied by the TDD workflow examples in SKILL.md).
  - Boundary markers: Absent; the skill does not instruct the agent to use delimiters or warnings when processing external input for tests.
  - Capability inventory: npm test allows for shell command execution in the local environment.
  - Sanitization: Absent; no escaping or validation of user-provided requirements is suggested before they are incorporated into test code.
Audit Metadata