spec-driven
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands like git, ls, grep, mkdir, and find for managing project files and branch state throughout the development lifecycle.
- [EXTERNAL_DOWNLOADS]: The research phase involves fetching information from web sources and official documentation. The instructions explicitly mandate treating this content as untrusted input and stripping out any directives or instructions it might contain.
- [REMOTE_CODE_EXECUTION]: The workflow involves executing the project's own development scripts (e.g., npm test, npm run lint) to verify implementation tasks. These commands are dynamically identified from the project's manifest files.
- [PROMPT_INJECTION]: The skill processes user-provided PRDs and external research content, creating an indirect prompt injection surface. To mitigate this, the instructions require the agent to transform and summarize findings in its own words rather than using verbatim text.
Audit Metadata