tdd-powerhouse

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is granted access to the Bash tool to facilitate code implementation and test execution. This capability allows for arbitrary command execution within the agent's environment, which is a necessary but high-impact permission for the intended TDD workflow.
  • [PROMPT_INJECTION]: The workflow is susceptible to indirect prompt injection due to the ingestion of workspace data without explicit sanitization or instruction boundaries.
    • Ingestion points: Local source code and search results are retrieved via mcp__julie__fast_search, mcp__julie__get_symbols, and the Read tool (SKILL.md).
    • Boundary markers: There are no instructions to use delimiters or to ignore potential directives embedded within the code or files being processed.
    • Capability inventory: The skill has broad capabilities to modify the environment via the Bash, Edit, and Write tools (SKILL.md).
    • Sanitization: The skill lacks logic to sanitize or validate external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 11:09 AM