create-tech-spec
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill's behavior is consistent with its stated purpose of managing project documentation.
- [COMMAND_EXECUTION]: The skill requires the agent to perform local file system operations, including scanning directories and writing markdown files. These actions are confined to the project workspace and are standard for documentation automation tools.
- [SAFE]: Analyzed for indirect prompt injection surface. The skill ingests user-provided titles and RFC references at execution. While no explicit boundary markers are present, the skill sanitizes inputs by converting titles to kebab-case and its capabilities are limited to writing documentation to the local filesystem using a local template. No malicious injection content was detected.
Audit Metadata