speckit-tasks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes a local shell script located at .specify/scripts/bash/check-prerequisites.sh. Since this script is part of the repository rather than a remote download, the risk is limited to the integrity of the local environment.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection through the design documents it reads.
  - Ingestion points: The skill reads specs/<feature>/plan.md, spec.md, data-model.md, contracts/, research.md, and quickstart.md to extract data.
  - Boundary markers: Absent. The agent is not instructed to treat these files as untrusted data or to ignore embedded instructions.
  - Capability inventory: Includes execution of a bash script and writing files to the local directory.
  - Sanitization: No sanitization is performed on the content extracted from artifacts beyond basic shell character escaping for script arguments.
Audit Metadata