spectra-spec
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill instructions direct the agent to 'Read the full codebase' and specifically 'Include: runtime config that affects behaviour.' This scope likely encompasses sensitive files such as .env, credentials, or configuration files containing secrets if they are present in the target directory.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external files (the codebase and the user-provided specification) without sanitization or boundary markers.
- Ingestion points: Files located in the target directory (specified by $ARGUMENTS or CWD) and the provided specification text or file.
- Boundary markers: Absent. The skill does not define clear delimiters or provide instructions to ignore potentially malicious commands embedded within the analyzed content.
- Capability inventory: The skill appears to be limited to read-only analysis and reporting; it does not explicitly define capabilities for file modification, command execution, or network transmission.
- Sanitization: Absent. There is no evidence of filtering or validation for the content being processed during the alignment analysis.
Audit Metadata