spec-kit-clarify
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill ingests untrusted data from specification files to identify ambiguities, creating a surface for indirect prompt injection. \n
- Ingestion points: Reads specification content from
spec.md(resolved viaFEATURE_SPEC). \n - Boundary markers: No explicit delimiters are used to wrap the ingested content in the agent's context. \n
- Capability inventory: The skill can execute local scripts and write updates back to the file system. \n
- Sanitization: The skill does not perform sanitization on the specification content before processing.
Audit Metadata