spec-implement
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill extracts and executes shell commands for environment setup, testing, and linting that are dynamically parsed from the
issue-to-pr-workflow.mdfile within the repository. - [PROMPT_INJECTION]: The skill adopts instructions from project-level files such as
CLAUDE.md,AGENTS.md, andcoding-rules.mdas mandatory enforcement rules, which may influence agent behavior. - [PROMPT_INJECTION]: The skill exhibits an architectural surface for indirect prompt injection. * Ingestion points: Content is read from GitHub issue bodies and local specification files within the
.specs/directory. * Boundary markers: No explicit delimiters or instructions to disregard nested prompts are implemented when processing these external data sources. * Capability inventory: The agent has the authority to modify the local file system, perform git operations (commit/push), and execute arbitrary shell commands defined in the project's workflow. * Sanitization: Data from GitHub issues and local specification files is used directly to guide the implementation loop without pre-processing or validation. - [EXTERNAL_DOWNLOADS]: The skill uses the official GitHub CLI (
gh) to communicate with GitHub services for viewing issue context and creating pull requests.
Audit Metadata