tdd-practices
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill contains no instructions to bypass safety filters or ignore system prompts. It actually includes defensive instructions (AI Red Flags) to ensure the AI remains focused on the user's specific tasks and does not add unauthorized functionality.
- Data Exposure & Exfiltration (SAFE): There are no hardcoded secrets, sensitive file paths, or network-enabled commands (curl, wget, etc.) in any of the provided files.
- Unverifiable Dependencies & RCE (SAFE): No package managers (npm, pip) or remote script execution patterns were detected. All code examples are static and illustrative.
- Obfuscation (SAFE): No Base64 encoding, zero-width characters, or homoglyphs were found in the skill content.
- Indirect Prompt Injection (SAFE): While the skill defines a workflow for processing user requirements, it is a purely instructional framework. It does not provide automated tooling that would be vulnerable to executing malicious data ingested from external sources.