tdd-workflows-tdd-red
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates user-provided data from the $ARGUMENTS variable into the prompt for the test-automator subagent, creating a surface for indirect prompt injection.
- Ingestion points: User input is received via the $ARGUMENTS placeholder in the prompt template.
- Boundary markers: The template does not employ explicit delimiters (e.g., XML tags or triple quotes) to encapsulate the user-provided arguments.
- Capability inventory: The subagent used (test-automator) has the ability to generate source code files.
- Sanitization: The input is not sanitized or validated before being passed to the subagent.
Audit Metadata