test-driven-development

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (findings: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill presents a high-risk indirect prompt injection vulnerability surface. It instructs the agent to ingest untrusted data (feature and bugfix descriptions) and grants it write/execute capabilities. Evidence chain:
    1. Ingestion point: SKILL.md (description: 'implementing any feature or bugfix').
    2. Boundary markers: absent; the skill does not define delimiters to wrap external content.
    3. Capability inventory: code generation and local command execution (npm test in references/methodology.md).
    4. Sanitization: absent; no validation or filtering of user input is specified.
  • [COMMAND_EXECUTION] (LOW): The skill explicitly instructs the agent to execute local shell commands (npm test) to verify code. While standard for developer tools, this functional capability escalates the severity of potential prompt injection attacks.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:58 AM