implement-spec
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions that minimize human review, such as "Human checkpoints never block" and "A goal or implementation NEVER stops to wait on the user." These instructions encourage the agent to proceed with its tasks and make its own implementation decisions if a user does not intervene within five minutes, potentially reducing the effectiveness of human-in-the-loop security controls.
- [COMMAND_EXECUTION]: The skill performs various system-level actions including executing unit tests, performing git operations (commits, worktree creation), and spawning concurrent sub-agents to parallelize implementation work.
- [PROMPT_INJECTION]: The skill has a surface area for indirect prompt injection from the files it reads during its workflow.
- Ingestion points: In Step 1, the skill reads repository READMEs, specification READMEs, and task "slices".
- Boundary markers: None; the instructions do not require the use of delimiters or "ignore" instructions when processing these external files.
- Capability inventory: The skill can modify source code, execute tests/scripts, commit to version control, and manage sub-processes.
- Sanitization: No sanitization or validation of the input specification content is mentioned, and the skill is instructed to treat the specification as the "source of truth."
Audit Metadata