Skills
skills/dceoy/spec-kit-agent-skills/speckit-taskstoissues/Gen Agent Trust Hub

speckit-taskstoissues

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill executes a local bash script .specify/scripts/bash/check-prerequisites.sh and runs git config. Because the content of the prerequisites script is not defined within the skill, its behavior cannot be verified, posing a risk of arbitrary command execution if the repository is untrusted.- PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) by processing external task files to generate GitHub issues.
  • Ingestion points: specs/<feature>/tasks.md.
  • Boundary markers: Absent; there are no instructions to the agent to treat the file content as untrusted data or use delimiters.
  • Capability inventory: The skill possesses 'Write' capabilities (creating GitHub issues) and 'Execute' capabilities (running bash scripts), creating a high-risk surface for malicious instructions embedded in tasks.
  • Sanitization: Only basic shell argument escaping is implemented; the actual task content is not sanitized before being passed to the issue creation tool.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 06:04 AM