tdd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection surface detected. The skill ingests untrusted user descriptions of features or bugs to generate test cases and implementation code. Evidence Chain: 1. Ingestion points: User-provided descriptions of desired logic or bugs as seen in
examples/dialogue-examples.md. 2. Boundary markers: Rule 1 inSKILL.mdmandates explicit identification of the entity under test, providing logical separation. 3. Capability inventory: The agent is guided to create and modify project source files and unit tests. 4. Sanitization: No specific input sanitization or validation is applied to user-provided descriptions. - Unverifiable Dependencies (SAFE): Mentions standard Go testing packages like
testifyandtestcontainersin templates. - Data Exposure & Exfiltration (SAFE): No sensitive data access or network communication detected.
Audit Metadata