tdd-red-agent

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill enforces a strict boundary that prevents the agent from modifying any source code in the 'app/' directory, limiting its scope to testing files.
  • [COMMAND_EXECUTION]: The skill utilizes 'bundle exec' to run RSpec tests, RuboCop for linting, and Rake for factory validation. These commands are essential for the TDD workflow and are restricted to the 'spec/' directory.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists as the agent generates and executes Ruby tests based on user-provided feature requirements. Mandatory Evidence Chain:
      1. Ingestion points: User-provided feature descriptions.
      2. Boundary markers: None explicitly defined.
      3. Capability inventory: Ruby code execution through 'bundle exec rspec', 'rubocop', and 'rake' across SKILL.md.
      4. Sanitization: No sanitization of user input is specified before code generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 12:16 AM