tdd
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill implements a legitimate development workflow and contains no evidence of malicious instructions, data exfiltration, or obfuscation.\n- [COMMAND_EXECUTION]: The workflow involves running automated testing suites via
npm testandpytest. This execution is restricted to the testing phase and is necessary for the skill's stated purpose.\n- [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection as it ingests user-provided task descriptions.\n - Ingestion points: User-defined feature names in the workflow execution prompts.\n
- Boundary markers: None identified.\n
- Capability inventory: Writing implementation code and executing tests.\n
- Sanitization: No explicit validation of the input strings is performed.
Audit Metadata