Skills
skills/zernie/vigiles/migrate-to-spec/Gen Agent Trust Hub

migrate-to-spec

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Suggests the installation of the vigiles package and the use of the zernie/vigiles GitHub Action. These are author-provided resources used for document verification.
  • [COMMAND_EXECUTION]: Performs several shell commands including dependency installation (npm install), project building (npm run build), and specification compilation (npx vigiles compile).
  • [PROMPT_INJECTION]: Ingests content from documentation files like CLAUDE.md which represents a surface for indirect prompt injection. * Ingestion points: Reads the content of CLAUDE.md in Step 1. * Boundary markers: No specific delimiters are used for the ingested content. * Capability inventory: The skill can write files, install packages, and execute shell commands. * Sanitization: The skill applies structural parsing to transform markdown into a TypeScript template.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:28 PM
Security Audit — agent-trust-hub — migrate-to-spec