draft-spec
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for project planning and documentation drafting. Its primary function is to gather requirements and synthesize them into a markdown file.
- [COMMAND_EXECUTION]: The skill performs file system operations limited to creating and writing specification files in the
.turbo/specs/directory, which is the intended and documented behavior. - [EXTERNAL_DOWNLOADS]: The skill utilizes platform documentation tools and web searches to retrieve idiomatic patterns and technical constraints for libraries or frameworks mentioned by the user. These operations are used for context grounding and do not involve executing untrusted code.
- [REMOTE_CODE_EXECUTION]: The instructions mention running matching 'skills' via a platform tool. This is a mechanism for loading decision-level guidance and architectural context related to the user's project vision, not an attempt to execute unauthorized remote scripts.
- [DATA_EXPOSURE]: There is no evidence of the skill accessing sensitive system files or environment variables. It exclusively processes information provided by the user during the discussion and writes to a project-specific directory.
Audit Metadata