speckit-analyze-zh
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill directly accepts and incorporates user input ($ARGUMENTS) at the start of its execution, which is a standard entry point for direct prompt injection attempts.
- COMMAND_EXECUTION (LOW): The skill executes local scripts (
check-prerequisites.shandcheck-prerequisites.ps1) to initialize its context. While these are part of the skill's own package, executing local scripts always carries a baseline risk if the scripts themselves were to be tampered with. - Indirect Prompt Injection (LOW): The skill's primary function is to read and analyze external files (
spec.md,plan.md,tasks.md). - Ingestion points: Processes content from several project documents.
- Boundary markers: The prompt instructions suggest loading specific sections but do not define explicit escaping or hard boundary markers to prevent the agent from following instructions embedded within these documents.
- Capability inventory: The skill is strictly read-only and outputs Markdown reports; it does not have the capability to write files or perform network operations based on the analysis.
- Sanitization: No explicit sanitization or filtering of the content from the analyzed documents is mentioned.
Audit Metadata