tdd-implementation
Pass
Audited by Gen Agent Trust Hub on Jul 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions designed to override the agent's multi-skill orchestration. It explicitly commands the agent to be the 'sole active authority' and to 'suppress' any other skills that attempt to activate during the session.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external 'Assigned issue scope' and 'acceptance criteria'.
- Ingestion points: Issue scope and acceptance criteria documents (SKILL.md).
- Boundary markers: Absent; there are no instructions to the agent to ignore potentially malicious instructions embedded in the issue descriptions.
- Capability inventory: The skill is capable of file system writes (writing code/tests) and executing command-line tools (npm, pip, etc.) to run tests.
- Sanitization: Absent; the skill does not suggest any validation or escaping of the input data before processing.
Audit Metadata