spec-execution

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local commands bun run tsc --noEmit and bun test to verify code integrity during the development process.
  • [COMMAND_EXECUTION]: It utilizes git for staging changes and creating incremental commits that pair code modifications with specification updates.
  • [SAFE]: Implementation tasks are isolated using sub-agents, which helps ensure that each coding task has a restricted context and does not affect unrelated parts of the codebase.
  • [SAFE]: The process requires the agent to present an implementation plan to the user for approval before beginning any execution waves.
  • [SAFE]: The skill ingests external data from specification files (specs/*.md), creating a surface for potential indirect prompt injection. This risk is minimized by the modular nature of the sub-agent prompts and the explicit manual approval steps in the workflow.
      - Ingestion points: specs/*.md files
      - Boundary markers: None explicitly defined
      - Capability inventory: File system read/write, sub-agent creation, and execution of local shell commands (git, bun)
      - Sanitization: No explicit sanitization of spec content is described.
Audit Metadata
  Risk Level: SAFE
  Analyzed: May 8, 2026, 02:29 AM