spec-kit

This fragment is primarily a repository-maintenance/text-templating script with no direct malware indicators (no networking, exfiltration, credential theft, or runtime payload execution). The dominant supply-chain security risk is the use of eval on the output of get_feature_paths (from common.sh), which could enable arbitrary command execution if that output is influenced by attacker-controlled data. A secondary risk is instruction poisoning: plan.md/template content is injected into agent instruction markdown files, which could be harmful if those inputs are attacker-controlled. Overall risk is moderate, driven by the eval trust boundary and the high-impact nature of modifying agent instruction files.