tdd-flow

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill documentation uses instructional markers like 'Highest Norm' and 'Master Rules' to define internal process priority. It also features a surface for indirect prompt injection through the ingestion of specification documents.
      • Ingestion points: 'app/specs/shared/project-spec.yaml', 'func-spec.md', and 'uiux-spec.md'.
      • Boundary markers: None identified in the prompt instructions for ingested data.
      • Capability inventory: 'Bash', 'Write', 'Edit', and 'Task' tools allow for file modification and command execution.
      • Sanitization: No specific content validation or escaping of the ingested specification data was observed.
  • [COMMAND_EXECUTION]: The skill uses the 'Bash' tool to run local workflow scripts ('scripts/run-all-checks.sh') and 'npm' commands to perform linting, type-checking, and unit testing.
  • [REMOTE_CODE_EXECUTION]: The skill generates source code and test files based on user-provided specifications and executes them using testing frameworks. This dynamic code execution is a central component of the intended TDD workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 04:32 AM