spec-load

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill's functionality is limited to reading and displaying content from a local directory, which is a standard pattern for project-specific documentation management.
  • [COMMAND_EXECUTION]: Uses the Bash tool for a simple directory check and the Grep tool for searching text within the loaded files. These operations are constrained to the local environment and the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it ingests data from local files and incorporates it into the agent's context.
      1. Ingestion points: Files located in the .workflow/specs/ directory (SKILL.md).
      2. Boundary markers: Absent.
      3. Capability inventory: Uses the Read, Bash, and Grep tools (SKILL.md).
      4. Sanitization: No specific sanitization or escaping of the ingested file content is mentioned.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 01:12 AM