tdd-workflow
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to run local shell commands such as
npm testandnpm run test:coverage. While these are standard development practices, they involve executing code within the local environment. - [INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill possesses a vulnerability surface where untrusted data (User Journeys) enters the agent context and can influence the generation of tests and implementation code.
- Ingestion points: User-provided 'User Journeys' and requirements in Step 1.
- Boundary markers: Absent. The skill uses standard markdown headers but no explicit delimiters to segregate user input from instructions.
- Capability inventory: The skill has the capability to execute shell commands (
npm test) and modify/create files (Step 4: Implement Code). - Sanitization: Absent. There is no instruction to validate or sanitize the 'User Journey' content before using it to generate executable test code. An attacker could provide a user journey that includes malicious code intended to be executed during the 'npm test' phase.
Audit Metadata