test-driven-development
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes authoritative language and strict behavioral constraints (e.g., "The Iron Law," "No exceptions," and "Delete means delete") to override default agent behavior and enforce a rigid methodology.
- [COMMAND_EXECUTION]: Instructions direct the agent to perform shell executions, specifically `npm test`, to validate test results during the lifecycle of a feature or bugfix.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes user-provided source code and test definitions without adequate protection.
  - Ingestion points: The agent is instructed to read and analyze user-provided source code and TypeScript files (e.g., `path/to/test.test.ts`).
  - Boundary markers: No delimiters or "ignore embedded instructions" warnings are specified for the external content being processed.
  - Capability inventory: The skill utilizes shell command execution via `npm test` and commands the agent to perform destructive file system modifications (directives to "Delete it" in `SKILL.md`).
  - Sanitization: No sanitization, validation, or escaping of the user-provided content is performed before the agent acts upon it.
Audit Metadata