atdd-team
Warn
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill generates and executes a shell script named
run-acceptance-tests.shto perform automated acceptance testing.\n- [COMMAND_EXECUTION]: The agent is instructed to execute project-specific unit test commands and specialized tools like/atdd:mutateand/atdd:kill-mutants.\n- [COMMAND_EXECUTION]: The skill reads from the~/.claude/teams/directory to manage and identify existing agent team environments.\n- [PROMPT_INJECTION]: The skill handles untrusted data from feature descriptions which are processed into executable specifications, creating an indirect prompt injection surface.\n - Ingestion points: The skill reads specifications from local
specs/*.txtfiles which are generated from user descriptions.\n - Boundary markers: There are no explicit markers or instructions used to delimit specification content from agent instructions during processing.\n
- Capability inventory: The skill possesses the ability to execute shell scripts and modify project code through mutation testing tools.\n
- Sanitization: The workflow incorporates a 'Spec Review' phase where a dedicated reviewer agent audits the specifications for implementation leakage.
Audit Metadata