Skills
skills/codagent-ai/agent-skills/implement-with-tdd/Gen Agent Trust Hub

implement-with-tdd

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and act upon user-provided specifications to generate implementation code and test suites. This pattern represents a surface for indirect prompt injection.
  • Ingestion points: User-provided specifications or task descriptions (e.g., "implement", "fix", "add feature", "Spec scenarios") as described in SKILL.md.
  • Boundary markers: The skill lacks explicit instructions for the agent to use delimiters or to disregard embedded instructions within the ingested specifications.
  • Capability inventory: The skill involves writing code to the file system and executing shell commands (specifically npm test as seen in SKILL.md).
  • Sanitization: No input validation or sanitization of the specification data is defined.
  • [COMMAND_EXECUTION]: The instructions direct the agent to run the npm test command to verify test results. This executes local project code within the test suite, which is a standard capability required for the skill's intended purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 03:48 AM