skills/mattpocock/skills/to-spec/Gen Agent Trust Hub

to-spec

Pass

Audited by Gen Agent Trust Hub on Jul 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues were detected. The skill acts as a guided prompt for summarizing project needs into a standardized format.
  • [COMMAND_EXECUTION]: Interactions with the project repository and issue tracker are consistent with the skill's primary function and do not involve unauthorized command execution.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes conversation context to generate content for an issue tracker.
  • Ingestion points: Conversation history (SKILL.md)
  • Boundary markers: Absent
  • Capability inventory: Publication to project issue tracker
  • Sanitization: Absent
  • This represents a standard surface for indirect prompt injection, but is considered safe within the intended context of a documentation assistant. The command /setup-matt-pocock-skills is a recognized configuration resource from the author.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 8, 2026, 01:20 PM
Security Audit — agent-trust-hub — to-spec