tsp-model
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill instructions or metadata.
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to use standard local development commands (pnpm tsp:compile, pnpm tsp:format) for formatting and verifying code.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where user-provided domain descriptions are transformed into TypeSpec code. Ingestion points: user requests for entities or models defined in SKILL.md. Boundary markers: TypeSpec syntax and template requirements provide output structure. Capability inventory: writing generated code to the tsp/ directory. Sanitization: none specified.
- [DATA_EXFILTRATION]: References to shep.bot and shep-ai repositories are verified vendor resources belonging to the skill author.
Audit Metadata