trellis-update-spec
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill performs local file operations restricted to the .trellis/spec/ directory to manage project-specific documentation and coding standards.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data (debugging logs and discussions) into persistent documentation used to guide future agent sessions.
- Ingestion points: Information gathered from "debugging, implementing, or discussion" in Step 1.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when updating documentation.
- Capability inventory: Reading and writing markdown files within the .trellis/ directory.
- Sanitization: No content validation or sanitization is performed on the ingested information before persistence.
Audit Metadata