speckit-implement-zh
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill is designed to ingest and act upon content from local files that may be attacker-controlled. Evidence: 1. Ingestion points: 'tasks.md', 'plan.md', 'data-model.md', 'research.md', and 'quickstart.md' are read and analyzed in Step 3 of the implementation workflow. 2. Boundary markers: Absent. There are no explicit delimiters or instructions to ignore potential commands embedded within these markdown files. 3. Capability inventory: The skill possesses the capability to execute local scripts ('check-prerequisites.ps1', 'analyze-checklists.ps1', 'detect-project-setup.ps1') and modify project configuration files (creating/verifying various '.ignore' files). 4. Sanitization: Absent. The skill does not implement specific sanitization or validation of the technical plans before processing them, relying on the underlying AI's general safety constraints.
Audit Metadata