speckit-agent-governance
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to interact only with project-specific governance files (AGENTS.md and .specify/memory/constitution.md), ensuring operations remain within a defined local scope.
- [SAFE]: A safety protocol is established in the instructions, requiring the agent to obtain explicit user confirmation before committing any changes to the governed files.
- [SAFE]: Technical analysis of the Python scripts confirms the use of standard libraries (argparse, json, yaml) for text processing without any network connectivity or dangerous system call implementations.
- [SAFE]: No evidence of obfuscation, hardcoded credentials, or prompt injection was detected in the skill's markdown or code files.
Audit Metadata