tdd-workflows-tdd-red

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates user-provided test requirements via the $ARGUMENTS placeholder into its prompt template without using delimiters or sanitization. This creates an indirect prompt injection surface where untrusted data could attempt to override agent instructions.
  • Ingestion points: The prompt template in SKILL.md directly interpolates $ARGUMENTS.
  • Boundary markers: No delimiters or ignore-instructions warnings are present around the input placeholder.
  • Capability inventory: The skill utilizes the Task tool with a unit-testing subagent and instructs the agent to run generated tests.
  • Sanitization: No sanitization or validation of the input data is described.
  • [COMMAND_EXECUTION]: The skill generates code for various testing frameworks and instructs the agent to execute these scripts locally to verify failure during the validation phase. While standard for a TDD workflow, the execution of generated content is a dynamic execution pattern.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 06:29 PM
Security Audit — agent-trust-hub — tdd-workflows-tdd-red