tdd-workflows-tdd-refactor

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a prompt template that interpolates untrusted content without isolation, which is characteristic of an indirect prompt injection surface.
    • Ingestion points: User-supplied code enters the agent's context through the $ARGUMENTS variable in the Usage section of SKILL.md.
    • Boundary markers: The prompt does not employ delimiters (such as triple backticks or XML tags) or specific 'ignore' instructions to separate the provided code from the agent's operational instructions.
    • Capability inventory: The skill orchestrates tasks using the Task tool and a tdd-orchestrator subagent, which inherently require capabilities for reading/writing files and executing shell commands to run tests.
    • Sanitization: The skill lacks any mechanism to sanitize or validate the content of the $ARGUMENTS variable before processing it.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 07:44 AM