specs-extractor
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a set of high-quality instructions for documenting software behavior. It does not utilize remote scripts, external dependencies, or network-enabled tools.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection as its primary function is to ingest and synthesize behavior from external, potentially untrusted source code and configuration files.
- Ingestion points: The agent is instructed to read application code, database schemas, migrations, test files, and configuration files located in the user's environment.
- Boundary markers: The instructions lack explicit delimitation or 'ignore instructions' directives for the agent when processing the content of the analyzed files.
- Capability inventory: The agent has the capability to read local project files and write resulting markdown files to a designated
specs/directory on the local file system. - Sanitization: No sanitization or content validation mechanisms are specified for the data extracted from the codebase.
Audit Metadata