sdd-spec

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for technical documentation and requirement engineering. It operates within a restricted project context and does not exhibit any malicious behavior or safety guideline bypass attempts.
  • [DATA_EXFILTRATION]: All data operations are localized to the project environment, specifically the 'Engram' artifact store and the local openspec/ filesystem directory. No network-based exfiltration or unauthorized external communication channels were found.
  • [COMMAND_EXECUTION]: The skill interacts with the environment through dedicated tools (mem_save, mem_search, mem_get_observation) for artifact management. It does not execute arbitrary shell commands or attempt privilege escalation.
  • [PROMPT_INJECTION]: The instructions focus on structured formatting (Given/When/Then) and requirement strength (MUST/SHOULD/MAY). There are no instructions aimed at overriding the agent's core safety protocols or extracting system prompts.
  • [SAFE]: The skill processes untrusted input in the form of project proposals. However, it applies strict formatting constraints and architectural rules that act as natural boundaries for the generated content.
    1. Ingestion points: mem_get_observation and openspec/ spec files.
    2. Boundary markers: Absent.
    3. Capability inventory: mem_save and filesystem writes.
    4. Sanitization: Absent.
    The risk is evaluated as safe given the documentation-focused output format.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 06:12 PM