cmd-speckit-init
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches configuration files and shell scripts from the official GitHub repository 'github/spec-kit' using 'git clone'. These files are used to establish the project's development workflow.
- [COMMAND_EXECUTION]: Utilizes standard system commands such as 'git clone' to retrieve assets, 'git remote get-url' to detect project names, and 'rm -rf' for temporary directory cleanup.
- [SAFE]: No suspicious behaviors such as credential exfiltration, obfuscation, or unauthorized access to sensitive files were detected. All operations are aligned with the skill's stated purpose of project initialization.
Audit Metadata