Test-Driven Development (TDD)
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill contains only markdown documentation and conceptual code examples. It does not include any scripts, binaries, or environment-modifying commands.
- [PROMPT_INJECTION] (SAFE): While the instructions use strong language ('The Iron Law', 'No exceptions') to enforce the TDD methodology, these are behavioral guidelines for the coding task and do not constitute an attempt to bypass AI safety filters or exfiltrate system instructions. Indirect prompt injection (Category 8) surface analysis: 1. Ingestion points: user-provided test files and source code; 2. Boundary markers: absent; 3. Capability inventory: file deletion and modification (implicit in TDD cycle); 4. Sanitization: absent. The risk is considered negligible as it is contained within the intended local developer workflow.
- [DATA_EXFILTRATION] (SAFE): No network operations, hardcoded credentials, or access to sensitive file paths (e.g., SSH keys or environment files) are present in the skill content.
Audit Metadata