specification-writing
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of malicious instructions or attempts to bypass safety filters. The skill contains instructional guidance on documentation standards that do not conflict with agent safety protocols.
- [DATA_EXFILTRATION]: No network operations or commands to access sensitive local files (e.g., .ssh, .env, .aws) were found. The skill uses placeholders for local file paths which is standard practice for documentation templates.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any external downloads or remote script executions. It is entirely composed of Markdown text and templates.
- [COMMAND_EXECUTION]: No shell commands or system-level operations are present in the instructions or templates.
- [INDIRECT_PROMPT_INJECTION]: The skill represents a planning surface where an agent generates a specification meant to be consumed by other agents or sub-agents.
- Ingestion points: User descriptions of features (e.g., "write a spec for X") enter the context via the SKILL.md templates.
- Boundary markers: None explicitly defined in the templates to separate user-provided feature requirements from the agent's structural output.
- Capability inventory: The skill documentation explicitly suggests that implementer agents should "spawn sub-agents to verify and extend," indicating high-privilege capabilities in the downstream workflow.
- Sanitization: No sanitization or validation of the input feature description is defined in the skill logic.
Audit Metadata