specstory-guard
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a local secret scanner for SpecStory history files, providing a beneficial security guardrail for developers to prevent accidental data leakage.
- [COMMAND_EXECUTION]: Uses subprocess to interact with the local git environment (to identify the repository root) and to chain internal Python scripts. This is legitimate behavior for a tool designed to integrate with git workflows.
- [SAFE]: No network operations, credential exfiltration, or obfuscation techniques were identified. The code is transparent and follows standard practices for a git hook installer.
Audit Metadata