speckit-specify-zh
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (CRITICAL): An automated URLite scan flagged a malicious URL within the file requirements.md. While the content of this specific file was not provided in the 32-file sample, the presence of a blacklisted URL in the skill documentation constitutes a critical security risk.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection.
  1. Ingestion points: The agent reads spec.md, plan.md, and tasks.md in commands like implement.md and analyze.md.
  2. Boundary markers: Absent; the agent is not instructed to treat embedded commands as data rather than instructions.
  3. Capability inventory: The agent has the capability to write files and execute shell commands (git, bash, pwsh) as defined in scripts referenced by implement.md and analyze.md.
  4. Sanitization: Absent; there is no evidence of filtering or escaping content from the specification files before they influence agent behavior.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata