speckit-checklist
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs a local PowerShell script located at
.specify/scripts/powershell/check-prerequisites.ps1. This is used to initialize the environment and extract directory metadata, which is consistent with the skill's documented prerequisite for the 'spec-kit' framework.- [PROMPT_INJECTION]: The skill is subject to potential indirect prompt injection as it ingests untrusted data from local files. - Ingestion points: Reads documentation from
spec.md,plan.md, andtasks.mdwithin theFEATURE_DIR. - Boundary markers: The instructions lack explicit XML or unique delimiters for the ingested content, though they provide strict constraints on the agent's output logic.
- Capability inventory: Includes the ability to execute shell scripts and write new markdown files to the local file system.
- Sanitization: No specific sanitization or filtering is performed on the ingested documentation content. Despite these surface risks, the skill includes robust instructions and negative examples (anti-patterns) to ensure the agent remains focused on requirement quality validation rather than implementation verification.
Audit Metadata