specs-code-cleanup
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various shell commands and project-specific scripts, such as
./mvnw,npm run,black, andruff, to format code and execute test suites. This functionality is central to the skill's purpose but relies entirely on the integrity of the project's local build environment and scripts.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it consumes untrusted content from task files and source code while having access to sensitive tools.\n - Ingestion points: The skill parses task definitions from
docs/specs/*/tasks/*.md, review reports, and the source files listed within those tasks for cleanup.\n - Boundary markers: There are no specified delimiters or instructions used to distinguish external data from the skill's own internal instructions when processing files.\n
- Capability inventory: The skill utilizes
Bash,Write,Edit,Read, andGreptools, providing a broad capability set that could be abused if malicious instructions are processed.\n - Sanitization: The skill lacks validation or sanitization of the content extracted from project files before the agent processes it.
Audit Metadata