spec-writer
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a standard and legitimate workflow for technical documentation. It interacts with the user and the codebase to generate specifications without engaging in any high-risk operations or external data exfiltration.
- [INDIRECT_PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and processes data from the repository and user conversations to create documentation.
  - Ingestion points: Codebase files and user-provided problem descriptions (SKILL.md).
  - Boundary markers: The instructions do not define specific delimiters, nor do they instruct the agent to ignore embedded prompts within the ingested data.
  - Capability inventory: Reading local repository files and writing markdown files or creating GitHub issues (SKILL.md).
  - Sanitization: There is no mention of sanitizing or validating the content extracted from the repository or user input.