sdd-spec

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from a skill registry and existing domain specifications, creating a vulnerability surface for indirect prompt injection.
      • Ingestion points: Uses mem_get_observation to retrieve proposals and specs, and reads .atl/skill-registry.md from the project root.
      • Boundary markers: The skill uses Markdown headers to structure its output but does not implement explicit boundary markers or instructions to ignore embedded commands in the source data.
      • Capability inventory: The skill can persist data via the mem_save tool and write files to the local openspec/ directory.
      • Sanitization: No sanitization or validation of the ingested content is performed before it is used to generate new specifications.
  • [COMMAND_EXECUTION]: The skill performs file system read and write operations within the project directory and interacts with internal state management tools (mem_save, mem_search) to persist and retrieve project artifacts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 01:32 PM