trellis-update-spec

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill performs local file operations restricted to the .trellis/spec/ directory to manage project-specific documentation and coding standards.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data (debugging logs and discussions) into persistent documentation used to guide future agent sessions.
  • Ingestion points: Information gathered from "debugging, implementing, or discussion" in Step 1.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used when updating documentation.
  • Capability inventory: Reading and writing markdown files within the .trellis/ directory.
  • Sanitization: No content validation or sanitization is performed on the ingested information before persistence.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 05:48 PM
Security Audit — agent-trust-hub — trellis-update-spec