spec-workflow
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a documentation and workflow management framework with no detected malicious behaviors, obfuscation, or data exfiltration.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute project-specific validation commands (e.g., npm test) defined in the plan files to verify each implementation phase. This is a functional requirement for a development agent and occurs within the local environment context.
- [DATA_EXPOSURE]: The agent reads and writes documentation files (specs and plans) and standard configuration files (AGENTS.md, CLAUDE.md) to track progress and maintain context, which is consistent with its intended purpose.
Audit Metadata