analyze-frame
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides a structured framework for software design and requirement engineering. There is no evidence of prompt injection, data exfiltration, or unauthorized privilege escalation.
- [COMMAND_EXECUTION]: The skill includes a local utility script,
scripts/validate_spec.py, intended for validating the generated specification directory. Analysis of the source code confirms it is limited to file system read operations for structural validation and uses the secureyaml.safe_loadmethod to prevent arbitrary code execution during parsing. - [SAFE]: All templates and execution guidelines align with standard software architecture practices (Domain-Driven Design and Problem Frames). The skill is designed to facilitate local development workflows without any external network dependencies or remote code downloads.
Audit Metadata