spec-kit
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the
specify-clitool directly from the official GitHub organization repository (github/spec-kit) using theuvorpipxpackage managers. It also references the official installation script for theuvtool from Astral's domain. - [REMOTE_CODE_EXECUTION]: The
scripts/install.shscript automates the installation of thespecify-clifrom a remote Git repository. Additionally, the script contains documentation in the form of an informational message suggesting the use of a piped shell script (curl | sh) to install theuvpackage manager if it is missing from the environment. - [COMMAND_EXECUTION]: The skill uses
bashand CLI commands to manage the SDD pipeline, including project initialization (specify init) and executing agent-specific command routines defined in the.specify/directory. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The skill processes project-specific data including constitution templates, requirements specifications, and task files stored in the
.specify/directory. - Boundary markers: None explicitly defined in the skill instructions to delimit untrusted user content from agent instructions.
- Capability inventory: The skill has access to shell execution (
Bash), file system modification (Write,Edit), and CLI tool execution (specify). - Sanitization: No explicit sanitization or validation of the processed specification files is performed before they are used to drive the agent's SDD pipeline.
Audit Metadata