spec-kitty-dashboard

Warn

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: MEDIUM
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to "treat its output as authoritative" and "Do not rediscover context from branches, files, or prompt contents." This is a direct instruction override that bypasses the agent's logic and forces exclusive trust in a tool's output, which may contain malicious instructions.
  • [COMMAND_EXECUTION]: The command spec-kitty agent shim dashboard --agent windsurf --raw-args "$ARGUMENTS" interpolates user-supplied arguments directly into a shell execution string. This creates a surface for command injection if the input contains shell metacharacters.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is created by demanding that the agent obey external tool output without using delimiters or boundary markers.
      1. Ingestion point: output of the spec-kitty command.
      2. Boundary markers: Absent.
      3. Capability inventory: Shell command execution.
      4. Sanitization: Absent.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Apr 27, 2026, 08:40 AM