spec-architect
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: CRITICALNO_CODE
Full Analysis
- SAFE (SAFE): The skill is a structured instruction set for managing a document-driven development process. It reads local templates and writes markdown files to a specific project subdirectory (.agent/specs/).\n- NO_CODE (SAFE): Analysis of all files (SKILL.md and resources/) confirms that the skill contains no source code (Python, JavaScript, etc.), binaries, or system-level configuration files.\n- DATA_EXFILTRATION (SAFE): No commands for network communication (curl, wget, etc.) or access to sensitive user data (e.g., ~/.ssh, credentials) were found. All file operations are restricted to the local project environment.\n- EXTERNAL_DOWNLOADS (SAFE): No remote scripts or packages are downloaded or executed. The automated security alert identifying 'requirements.md' as a malicious URL is a false positive, as the name refers to a local documentation file used by the skill's logic.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata