tdd
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system-level commands through the Bash and node tools to execute tests, linting, and formatting (e.g., 'pnpm test'). It also specifies a pattern in 'SKILL.md' for executing local scripts such as '.claude/hooks/routing/routing-guard.cjs' using 'child_process.spawn'.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from user-defined task descriptions and scenario backlogs (ingestion points in 'SKILL.md' and 'schemas/input.schema.json'). These inputs guide agent behavior during the TDD loop without explicit sanitization or markers to 'ignore embedded instructions'. The skill's broad capabilities, including file system access and command execution (inventory in 'SKILL.md' and 'hooks/post-execute.cjs'), present a surface that could be exploited by malicious instructions in test scenarios.
Audit Metadata