spec-driven-spec-edit

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Node.js script located at {{SKILL_DIR}}/scripts/spec-driven.js to verify mappings. This command is triggered as part of the validation step.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external project files.
      • Ingestion points: Accesses .spec-driven/config.yaml, .spec-driven/specs/INDEX.md, and various spec files in the project root.
      • Boundary markers: Absent. There are no instructions to the agent to ignore potential commands within the files it reads.
      • Capability inventory: The skill can modify filesystem content within the .spec-driven/ directory and execute shell commands (node).
      • Sanitization: None. The content of the read files is used directly to inform the agent's next actions.
      • Mitigation: Risk is reduced by a mandatory human-in-the-loop confirmation step before any file modifications are finalized.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 01:18 PM