writing-specs
Fail
Audited by Socket on Feb 16, 2026
1 alert found:
Malware (HIGH): SKILL.md
The writing-specs workflow fragment is largely benign and purpose-aligned, providing a lean, constitution-adherent method for generating feature specifications with clear run-scoped isolation. The main concerns are operational and environmental: ensure trusted sources for setup commands (CLAUDE.md), validate inputs to prevent injection in automated shells, and implement safeguards around git worktree operations and spec file access. With these mitigations, the workflow remains suitable for secure, auditable spec generation.
Confidence: 68%
Severity: 60%