gadd-implement
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill implements a TDD loop that requires the agent to write and execute code and tests. This dynamic execution is essential for the skill's purpose as a software engineering tool. Risks are mitigated by the 'Rules' section, which mandates human confirmation for any external mutations (e.g., Pull Requests).
- [PROMPT_INJECTION]: The skill processes untrusted external data such as Work Items, product requirements (PRDs), and design documents (SDDs). This creates an attack surface for indirect prompt injection.
- Ingestion points: Data enters the context via the 'Work Item ledger', 'approved triage outcomes', 'PRD', 'SDD', and 'plan.md' files.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within these documents.
- Capability inventory: The agent has the authority to edit product code, generate test harnesses, and run configured checks or shell commands (implied by test execution).
- Sanitization: No explicit sanitization or validation of the input content is described, relying instead on the TDD loop logic and human review gates.
Audit Metadata