spec-coverage-map
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill employs common shell utilities such as
find,wc,cat, andgrepto locate specification files and determine the current state of the project. These commands are used for local file discovery and do not involve any unsafe execution of remote or untrusted code. - [DATA_EXFILTRATION]: There are no network-based operations or external data transfer mechanisms defined. The skill exclusively reads local project documentation and outputs a summary report to the local file system (
docs/spec-coverage-map.md). - [PROMPT_INJECTION]: Analysis of the instructions revealed no attempts to override agent behavior, bypass safety guardrails, or extract system prompts. The use of instructional language is consistent with the skill's stated purpose of documentation generation.
- [SAFE]: The skill operates as a utility for developers to visualize implementation coverage. It relies on local file parsing and standard formatting logic without introducing any identified threat vectors.
Audit Metadata