bb-specify
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats or malicious patterns were identified. The skill's behavior is consistent with its stated purpose of assisting in software development workflows.
- [COMMAND_EXECUTION]: Employs standard Git operations (git fetch, git ls-remote, git branch, git checkout) to manage branches and mkdir to create directory structures. These commands are legitimate for branch-based feature development.
- [DATA_EXFILTRATION]: No evidence of unauthorized data transfer or sensitive credential access. The skill manages local project files and standard repository metadata.
- [PROMPT_INJECTION]: Instructions are focused on task completion and quality assurance. User input is processed as data for specification generation, and the logic includes constraints like a limit on clarifications to manage interaction appropriately.
Audit Metadata