create-specification
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data via the
${input:SpecPurpose}variable, which creates a surface for indirect prompt injection where untrusted input could attempt to influence the generated specification. However, the risk is minimal as the skill enforces a rigid Markdown template and specific file-system destination. - Ingestion points: File
SKILL.mdvia the${input:SpecPurpose}interpolation. - Boundary markers: The skill mandates a highly structured Markdown template with specific headers and frontmatter.
- Capability inventory: File system write access restricted to the
/spec/directory. - Sanitization: No explicit input sanitization is present, as the skill relies on the structural constraints of the template.
Audit Metadata