using-spectacular
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill employs high-pressure markers such as '<EXTREMELY_IMPORTANT>', 'MANDATORY', and 'automatic failure' to hijack the agent's decision-making process. It specifically instructs the agent to ignore user requests that attempt to bypass the workflow (e.g., 'User instructions describe WHAT to build, not permission to skip workflows'). While this constitutes behavior override, the severity is rated LOW as this enforcement is the primary intended purpose of the skill.
- [Indirect Prompt Injection] (LOW): The skill creates a vulnerability surface by mandating the use of external 'constitutions' which are processed as immutable rules.
- Ingestion points: Reads from the directory
docs/constitutions/current/, specifically targetingarchitecture.md,patterns.md,tech-stack.md, andtesting.md. - Boundary markers: Absent. The skill does not define delimiters or warnings to ignore instructions embedded within these external files.
- Capability inventory: The skill references commands (
/spectacular:spec,/spectacular:plan,/spectacular:execute) that involve file creation in thespecs/directory and orchestration of subagents. - Sanitization: No sanitization or validation logic is present to filter malicious instructions within the constitution files.
Audit Metadata