spec-driven-development
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes a gated development workflow (Specify, Plan, Tasks, Implement) that requires explicit human validation at every phase before proceeding, ensuring constant oversight of agent actions.
- [SAFE]: Explicit safety boundaries are defined in the 'Boundaries' section, which includes a strict directive to 'Never do: Commit secrets', adhering to credential security best practices.
- [SAFE]: No suspicious command execution, network exfiltration, or obfuscation techniques were detected. The included shell commands (e.g., npm test, npm run build) are provided as illustrative examples for documentation templates rather than instructions for silent execution.
- [SAFE]: The skill functions as a procedural framework for planning and documentation, delegating actual implementation to other standard workflows without introducing independent security risks.
Audit Metadata