spec-driven-maintenance

Warn

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a Node.js script located via a relative path reference (../../dist/scripts) that points outside the skill's root directory, which constitutes a directory traversal and execution of unverified logic.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it derives executable commands from untrusted local repository files.
    • Ingestion points: Accesses .spec-driven/maintenance/config.json and project documentation (READMEs) at runtime.
    • Boundary markers: Absent; the skill instructions do not include delimiters or warnings to ignore malicious instructions in the ingested files.
    • Capability inventory: The skill can execute arbitrary shell commands defined in the config under 'checks' or 'fixCommand' via a sub-process.
    • Sanitization: Absent; no validation or filtering is performed on the commands retrieved from the configuration before execution.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 12, 2026, 01:18 PM