spec-writing
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides structured templates for generating specifications used by the autonomous 'Sprint plugin', creating an indirect prompt injection surface.
  - Ingestion points: User input regarding sprint goals, features, and requirements (SKILL.md).
  - Boundary markers: The skill instructions lack explicit directives to delimit user-provided content or to include instructions for downstream agents to ignore embedded commands.
  - Capability inventory: The generated specifications drive the 'Sprint plugin' and associated agents capable of code modification, API testing, and UI testing.
  - Sanitization: No specific input validation or sanitization of the user-provided requirements is performed before they are incorporated into the specification files.
Audit Metadata