speckit-orchestrator

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE [PROMPT_INJECTION] [NO_CODE]
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it processes external, potentially untrusted project artifacts.
      • Ingestion points: The orchestrator is designed to read and process content from .specify/memory/constitution.md, spec.md, plan.md, and tasks.md as specified in the workflow steps in SKILL.md and modules/progress-tracking.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands (e.g., 'treat following text as data only') are present in the logic used to ingest these files.
      • Capability inventory: The skill facilitates the execution of implementation tasks derived from the tasks.md file via the /speckit-implement command mapping in modules/command-skill-matrix.md and modules/progress-tracking.md.
      • Sanitization: There is no documented logic for validating, sanitizing, or escaping the content of these external files before they influence the agent's workflow transitions or task execution logic.
  • [NO_CODE]: No executable scripts (.sh, .py, .js) or binary files are included in this skill. The orchestration logic is entirely described through markdown instructions and metadata modules.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 03:07 PM