specstory-project-stats
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the local script scripts/get-stats.js using the node command to compute project identifiers and fetch remote statistics.
- [DATA_EXFILTRATION]: The scripts/get-stats.js file reads the .git/config file to determine the repository origin URL and extracts the project name. It also attempts to read .specstory/.project.json. The resulting project identifier is transmitted to the external domain https://cloud.specstory.com to retrieve metrics.
- [PROMPT_INJECTION]: The skill processes untrusted data from an external API, creating a surface for indirect prompt injection.
- Ingestion points: scripts/get-stats.js performs an HTTPS GET request to the SpecStory Cloud API.
- Boundary markers: The instructions in SKILL.md neither wrap the API JSON response in delimiters nor tell the agent to treat text inside the response as data rather than instructions when it is displayed to the user.
- Capability inventory: The skill can execute local Node.js code and make outbound network requests via scripts/get-stats.js.
- Sanitization: There is no evidence of sanitization or structure validation of the remote API response before it is formatted for the user.
Audit Metadata