specstory-organize
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Python script (`scripts/organize.py`). This script is responsible for scanning the `.specstory/history` directory and moving files. The code is well-structured and focuses solely on its stated purpose.
- [EXTERNAL_DOWNLOADS]: Documentation in the README describes standard installation procedures using `git clone` and `npx`. These references point to the expected repository for this tool.
- [SAFE]: The Python implementation uses regular expression matching (`^(\d{4})-(\d{2})-\d{2}_`) to extract year and month components from filenames. This approach naturally prevents directory traversal attacks as the resulting subdirectory names are constrained to numeric values. No network activity, hardcoded credentials, or obfuscated content were detected.
Audit Metadata