spec
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its core functionality of reading and processing untrusted data from proposal files and neighboring specifications to generate new content.\n
- Ingestion points: The skill reads project proposals and existing spec files from the workspace to identify capabilities and ensure consistency.\n
- Boundary markers: The skill defines a mandatory 'HARD-GATE' procedure, explicitly instructing the agent not to write any files until it has presented the proposed requirements and scenarios to the user and received approval.\n
- Capability inventory: The skill possesses the capability to write and modify files on the local filesystem, specifically creating specification documents in the
specs/directory.\n - Sanitization: No explicit instructions for sanitizing, escaping, or validating the input data from ingested files are provided in the instructions.\n- [NO_CODE]: The skill is composed entirely of natural language instructions in a markdown file and does not include any executable scripts or binary components.
Audit Metadata