skills/catlog22/maestro-flow/spec-add/Gen Agent Trust Hub

spec-add

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by storing unvetted user input in documentation files that may be read by the agent in future sessions.
      • Ingestion points: User-provided content from the <content> argument is written to files in the .workflow/specs/ directory.
      • Boundary markers: Entries are structured using markdown headers and timestamps (e.g., ### [{type}] [{YYYY-MM-DD}]), providing structural separation but lacking explicit instructions to ignore potentially malicious content within the entry.
      • Capability inventory: The skill uses the Write tool to modify documentation files and the Bash tool to check for directory existence.
      • Sanitization: The skill validates the <type> argument against a whitelist of approved categories but does not sanitize the primary <content> payload.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 01:12 AM