tdd-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Technical analysis of the skill body and metadata reveals no attempts at prompt injection, obfuscation, or persistence. The skill adheres to documented coding standards and testing best practices.
- [COMMAND_EXECUTION]: The workflow includes standard shell commands for running tests (
npm test) and generating coverage reports (npm run test:coverage). These operations are essential for the skill's functional purpose and are executed within the local development context. - [DATA_EXFILTRATION]: Code examples demonstrate secure testing patterns by mocking sensitive external dependencies such as Supabase, Redis, and OpenAI, which prevents actual network calls and data leakage during the testing phase.
- [EXTERNAL_DOWNLOADS]: While the skill mentions common ecosystem packages (e.g., Playwright, Next.js), it does not initiate any remote script downloads or piped execution from unverified sources.
Audit Metadata