spec
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a benign workflow for documentation generation. It guides the user through a series of questions to populate a technical specification template.
- [PROMPT_INJECTION]: The skill interacts with the local file system by reading `SPEC.md`, which creates an indirect prompt injection surface where the agent could potentially ingest instructions placed in that file. However, this is part of the intended primary purpose of the skill and the risk is mitigated by the skill's restricted environment.
  - Ingestion points: The agent reads the content of `SPEC.md` in Step 1 of the workflow.
  - Boundary markers: The instructions do not specify any delimiters or safety markers for the ingested file content.
  - Capability inventory: The skill is permitted to use `Read`, `Write`, and `Edit` tools as defined in the YAML frontmatter.
  - Sanitization: No explicit sanitization or instruction-filtering logic is applied to the data read from the local file system.
Audit Metadata