tdd-workflows-tdd-red
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates user-provided test requirements via the $ARGUMENTS placeholder into its prompt template without using delimiters or sanitization. This creates an indirect prompt injection surface where untrusted data could attempt to override agent instructions.
- Ingestion points: The prompt template in SKILL.md directly interpolates $ARGUMENTS.
- Boundary markers: No delimiters or ignore-instructions warnings are present around the input placeholder.
- Capability inventory: The skill utilizes the Task tool with a unit-testing subagent and instructs the agent to run generated tests.
- Sanitization: No sanitization or validation of the input data is described.
- [COMMAND_EXECUTION]: The skill generates code for various testing frameworks and instructs the agent to execute these scripts locally to verify failure during the validation phase. While standard for a TDD workflow, the execution of generated content is a dynamic execution pattern.
Audit Metadata