spec-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is designed for local document analysis and reporting. It correctly uses restricted file system tools (Read, Write, and Edit) within the provided workspace context. There is no evidence of network operations, credential harvesting, or unauthorized command execution.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from PRD and specification documents, creating a potential surface for indirect prompt injection.
    • Ingestion points: The skill reads external markdown files (prd-source.md, prd-analysis.md, and spec.md) into the context for analysis.
    • Boundary markers: No specific delimiters (such as XML tags or dedicated boundary markers) are defined for the content of these files, which may lead the agent to confuse document content with instructions.
    • Capability inventory: The skill possesses the capability to modify files in the local workspace using Write and Edit tools.
    • Sanitization: There is no explicit validation, filtering, or sanitization logic applied to the content read from the source files before it is processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:26 AM