spec-kit-analyze
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill includes shell scripts (scripts/check-prerequisites.sh, scripts/common.sh) that contain commands to execute files from a parent directory (../../spec-kit/scripts/). This directory traversal pattern allows the execution of code from outside the skill folder, which is a security risk if the environment layout is not strictly controlled.
- EXTERNAL_DOWNLOADS (MEDIUM): The SKILL.md file references external resources and logic from the github/spec-kit repository. Since the github organization is not included in the 'Trusted External Sources' list, this reference is classified as unverifiable and potentially unsafe.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted project documentation to generate reports, creating a surface for injection. -- Ingestion points: spec.md, plan.md, tasks.md, memory/constitution.md. -- Boundary markers: Absent. -- Capability inventory: Shell script execution. -- Sanitization: Not mentioned.
Audit Metadata