Skills
skills/knowlet/claude-acpx/tdd-execute-acpx/Gen Agent Trust Hub

tdd-execute-acpx

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates the acpx command-line tool for automated code auditing and implementation. The use of the --approve-all flag in Phase 3 and Route B allows the tool to execute its logic autonomously within the provided session context.
  • [COMMAND_EXECUTION]: Uses git rev-parse HEAD and git status to establish a baseline and ensure a clean working environment before beginning the TDD cycle.
  • [PROMPT_INJECTION]: The skill manages an attack surface for indirect prompt injection when processing external task descriptions:
  • Ingestion points: Reads task definitions from user-provided plan files (e.g., in .claude/plan/) and scans existing production code (SKILL.md).
  • Boundary markers: Not explicitly defined in the prompts to separate external file content from the agent's core instructions.
  • Capability inventory: The agent can execute the acpx tool, perform git operations, and trigger the code-reviewer skill.
  • Sanitization: The skill contains an explicit protocol in the Core Protocols section to sanitize secrets before including file contents in any generated prompt file, reducing the risk of accidental credential exposure.
  • [PROMPT_INJECTION]: In tdd-specialist-role.md, the agent is instructed to create test cases for security vulnerabilities (e.g., SQL injection strings and XSS payloads). This is a standard and expected behavior for a TDD specialist role and is used for testing application defenses rather than attacking the agent itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 09:10 AM