tdd-commit
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands (`git add` and `git commit`) to manage the repository state. These operations are strictly gated by user confirmation (the user must type "commit" or "ship it" to proceed).
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes data from local session files to generate summaries and commit messages.
  - Ingestion points: Content is read from session files in the `.tdd-sessions/` directory.
  - Boundary markers: Absent; the skill does not use specific delimiters to isolate session file content from instructions.
  - Capability inventory: The agent has the ability to execute git commands and write/delete files in the `.tdd-sessions/` directory.
  - Sanitization: None; the skill relies on the LLM to interpret the session file content without pre-processing or validation.
Audit Metadata