specstory-guard

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified in the skill. It performs its documented function of scanning local history files and managing a git pre-commit hook without any hidden or suspicious behavior.
  • [COMMAND_EXECUTION]: The skill utilizes the subprocess module in scripts/setup.py and scripts/guard.py to interact with Git and execute internal Python scripts. This execution is limited to the local environment and is necessary for managing the pre-commit hook.
  • [PROMPT_INJECTION]: The skill processes untrusted chat history, which constitutes an indirect prompt injection surface.
    • Ingestion points: Local markdown files in the .specstory/history/ directory are read by scripts/scan.py.
    • Boundary markers: None; files are processed line-by-line using regular expressions.
    • Capability inventory: The skill uses Bash, Read, and Write permissions to manage the .git/hooks directory and execute local Python scripts.
    • Sanitization: Scan findings are reported back to the agent as truncated snippets (maximum 200 characters) to reduce the risk of processing large or malicious payloads.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 10:10 PM