test-driven-development
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill includes instructions for browser testing that require ingesting untrusted data from external websites.
- Ingestion points: Data harvested from browser sessions via DevTools (DOM, console logs, network responses).
- Boundary markers: Present. The documentation includes explicit warnings that data read from browsers is untrusted and should not be interpreted as instructions.
- Capability inventory: The skill is used during software development tasks which involve file system access, command execution (e.g., running tests), and browser interaction.
- Sanitization: The skill explicitly instructs the agent to avoid navigating to URLs extracted from page content and to avoid accessing credentials or tokens via JavaScript execution.
Audit Metadata