speckit-constitution
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface identified.
  * Ingestion points: The skill reads from specs/constitution.md, README.md, docs/quickstart.md, and multiple template/skill files in sibling directories (../speckit-*).
  * Boundary markers: There are no explicit delimiters or instructions for the agent to ignore potential instructions embedded within the ingested data.
  * Capability inventory: The agent is granted permission to read and overwrite various documentation and skill definition files across the project workspace.
  * Sanitization: No evidence of content sanitization or validation is present before the agent processes and propagates data from these sources.
- [NO_CODE] (SAFE): This skill contains no executable scripts, binaries, or source code. It functions exclusively through high-level markdown instructions.
- [DATA_EXFILTRATION] (SAFE): No hardcoded secrets, sensitive file path exfiltration (e.g., .ssh, .aws), or network-based communication patterns were detected.
Audit Metadata