tdd-strict
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions define agent behavior for TDD practices and do not contain directives to bypass safety filters or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No sensitive data access, hardcoded credentials, or unauthorized network operations were detected.
- [Obfuscation] (SAFE): The skill does not use encoding, zero-width characters, or homoglyphs to hide malicious content.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references established testing libraries (Vitest, Supertest) and does not download or execute scripts from remote URLs.
- [Privilege Escalation] (SAFE): No commands for acquiring root access or modifying system-level configurations are present.
- [Persistence Mechanisms] (SAFE): The skill does not attempt to modify shell profiles or create scheduled tasks.
- [Metadata Poisoning] (SAFE): Metadata is consistent with the skill's TDD enforcement purpose.
- [Indirect Prompt Injection] (SAFE): The skill's focus on code testing does not introduce exploitable surfaces for processing untrusted data with dangerous capabilities.
- [Time-Delayed / Conditional Attacks] (SAFE): No time-based or environment-based triggers for malicious actions were found.
- [Dynamic Execution] (SAFE): The skill relies on static code snippets and standard shell commands, avoiding dynamic code generation from untrusted sources.
Audit Metadata