test-driven-development
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides educational content and professional workflow discipline for Test-Driven Development. No malicious patterns, data exfiltration, or unauthorized access vectors were identified.
- [COMMAND_EXECUTION]: The skill references the use of standard development tools such as 'npm test' to verify code behavior. These operations are expected and appropriate within the context of the skill's purpose.
- [PROMPT_INJECTION]: The skill uses strong normative language ('Iron Law', 'MANDATORY', 'Delete means delete') to enforce TDD discipline. This is evaluated as intentional behavioral steering for educational adherence rather than a malicious attempt to bypass safety guidelines or ignore instructions.
- [SAFE]: Indirect Prompt Injection analysis: Ingestion points include project code and test files; Boundary markers are absent; Capability inventory includes command execution (npm test) and file deletion instructions; Sanitization is absent. The risk of manipulation via external data is considered safe given the scope of standard developer tasks.
Audit Metadata