Skills
AGENT LAB: SKILLS
skills/feiskyer/codex-settings/spec-kit-skill/Gen Agent Trust Hub

spec-kit-skill

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The script and helper documentation recommend installing specify-cli from 'git+https://github.com/github/spec-kit.git' via uv tool install. Because the 'github' organization is not included in the Trusted External Sources list, this is considered an unverifiable dependency.
  • [PROMPT_INJECTION] (LOW): Indirect prompt injection surface identified (Category 8). 1. Ingestion points: Scans .specify/specs/*/spec.md and tasks.md using grep. 2. Boundary markers: None present. 3. Capability inventory: The script executes grep and specify --version; the calling agent typically has bash and file-write capabilities. 4. Sanitization: None. Content in these markdown files can influence the agent's reasoning and subsequent actions.
  • [COMMAND_EXECUTION] (LOW): The script executes the specify --version command from the system PATH or the user's local bin directory. This executes a binary from the environment without cryptographic verification of its origin or integrity.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 10:28 PM