Skills
skills/a16z/jolt/new-spec/Gen Agent Trust Hub

new-spec

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill is designed for documentation and specification workflows. It reads local repository files (e.g., TEMPLATE.md, README.md) and writes output to a specific 'specs/' directory, which is standard behavior for development tools.
  • [COMMAND_EXECUTION]: The skill executes 'gh api user' to retrieve the user's GitHub login name. This is a legitimate use of the official GitHub CLI to populate metadata fields in the generated specification.
  • [PROMPT_INJECTION]: No patterns indicative of prompt injection, jailbreaking, or system prompt extraction were found in the instructions.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration or unauthorized network communication was detected. The use of 'gh' is restricted to retrieving identity metadata.
  • [EXTERNAL_DOWNLOADS]: The skill does not perform any remote script downloads or installations from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 02:55 PM