tdd-workflows-tdd-refactor
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external code via the $ARGUMENTS variable, creating a surface for indirect prompt injection. \n
- Ingestion points: The $ARGUMENTS placeholder in the Usage section and at the end of the Instructions. \n
- Boundary markers: Absent. User-provided code is not wrapped in delimiters (like triple backticks or specific XML tags) to distinguish it from the agent's instructions. \n
- Capability inventory: The skill triggers the 'tdd-orchestrator' agent to perform refactoring and run tests, implying code execution capabilities. \n
- Sanitization: No input validation or sanitization is specified for the processed arguments.\n- [SAFE]: No evidence of hardcoded credentials, unauthorized network requests, or malicious persistence mechanisms was found.\n- [SAFE]: The skill does not perform external downloads or execute remote scripts; the referenced resource file is local to the skill package.
Audit Metadata