test-driven-development
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION] (HIGH): Indirect prompt injection surface. The skill instructs the agent to ingest external user requirements and then perform write and execute operations (writing code and running npm test). Evidence: (1) Ingestion: feature and bugfix requests. (2) Boundary markers: absent. (3) Capability inventory: file writing and subprocess execution. (4) Sanitization: absent. Per the security analysis rules, a skill that combines untrusted input with these capabilities, without boundary markers or sanitization, is a high-risk surface for indirect prompt injection.
- [COMMAND_EXECUTION] (LOW): The skill executes local shell commands (e.g., npm test). This is standard for the described role, but it is recorded as a finding because it runs code within the environment.
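As an illustration of the two gaps named in the findings above (absent boundary markers and unrestricted command execution), the following is a minimal sketch, not part of the audited skill or of the audit tooling. The marker strings, the `ALLOWED_COMMANDS` set, and both function names are hypothetical choices made for this example; only `npm test` comes from the report itself.

```python
import shlex

# Hypothetical boundary markers; the audited skill defines none.
BEGIN = "<<<UNTRUSTED_REQUIREMENTS>>>"
END = "<<<END_UNTRUSTED_REQUIREMENTS>>>"

# Hypothetical allowlist containing only the command named in the report.
ALLOWED_COMMANDS = {("npm", "test")}


def wrap_untrusted(text: str) -> str:
    """Wrap external requirements in boundary markers.

    Any marker strings already present in the input are stripped first,
    repeating until none remain, so the input cannot close the block early
    or reassemble a marker from fragments.
    """
    cleaned = text
    while BEGIN in cleaned or END in cleaned:
        cleaned = cleaned.replace(BEGIN, "").replace(END, "")
    return f"{BEGIN}\n{cleaned}\n{END}"


def is_allowed(command: str) -> bool:
    """Return True only if the command tokenizes to an allowlisted argv."""
    try:
        argv = tuple(shlex.split(command))
    except ValueError:
        # Unbalanced quotes or similar: reject rather than guess.
        return False
    return argv in ALLOWED_COMMANDS
```

Under these assumptions, `is_allowed("npm test")` is accepted while `is_allowed("npm test; rm -rf /")` is rejected, because the extra tokens do not match any allowlisted entry. Marker wrapping alone does not stop prompt injection; it only gives the agent a way to tell untrusted requirements apart from its own instructions.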
Recommendations
- AI detected serious security threats
Audit Metadata