spec-update
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill logic or templates.
- [COMMAND_EXECUTION]: The skill is designed to perform code modifications and run test suites. These operations are the primary intended function of the skill and are gated by mandatory human-in-the-loop confirmation steps (AskUserQuestion), minimizing the risk of unauthorized or accidental system changes.
- [PROMPT_INJECTION]: There are no instructions that attempt to bypass AI safety guidelines or override core system prompts. The workflow emphasizes adherence to user-confirmed update plans.
- [DATA_EXFILTRATION]: The skill operates locally on project files and does not include any network-related commands or access to sensitive credential stores.