create-specification

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a template-driven documentation tool that instructs the agent to generate Markdown files. No malicious patterns or behaviors were detected across any threat categories.
  • [DATA_EXPOSURE]: The instructions direct the agent to save output files in a local /spec/ directory. No access to sensitive system directories (e.g., SSH keys, cloud configs) or hardcoded credentials was identified.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user input via the ${input:SpecPurpose} variable. Evidence:
      (1) Ingestion points: Untrusted data enters the context through the ${input:SpecPurpose} placeholder in SKILL.md.
      (2) Boundary markers: No explicit delimiters or instructions are used to wrap the input.
      (3) Capability inventory: The skill instructs the agent to write files to the local file system.
      (4) Sanitization: No input validation or sanitization is performed.
    The risk is minimal as the input is used to generate a structured document following a strict template.
Audit Metadata
  Risk Level: SAFE
  Analyzed: May 19, 2026, 02:45 PM