skills/nyldn/claude-octopus/skill-tdd/Gen Agent Trust Hub

skill-tdd

Fail

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The instructions for the codex exec tool include explicit bypass markers such as 'take precedence over all skill directives' and 'Skip ALL skills'. These instructions are designed to override the operational constraints and safety guidelines of secondary agents or processes dispatched by the main agent.
  • [COMMAND_EXECUTION]: The skill guides the agent to execute shell commands using codex exec while interpolating user-provided test code into the command string. Because the <paste test code here> placeholder lacks boundary markers, escaping, or sanitization, it is vulnerable to command injection if the input contains shell-active characters like backticks or semicolons.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface in Phase 1.5. It ingests untrusted data (test specifications) and interpolates it directly into a prompt for another AI provider without sanitization or protective delimiters, allowing malicious code to potentially control the downstream model.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 9, 2026, 06:35 AM