spec-driven-sync-specs
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs node commands to execute a local utility script spec-driven.js for initializing the specification index and verifying mappings.
- [COMMAND_EXECUTION]: It uses the ls command to check for the existence of the .spec-driven/ configuration directory at the project root.
- [PROMPT_INJECTION]: The skill processes untrusted repository data (code, tests, and documentation) to update specification files, creating an indirect prompt injection surface. 1. Ingestion points: Reads files across the repository scope (Step 3). 2. Boundary markers: None identified in instructions. 3. Capability inventory: Executes Node.js scripts and has direct file-write access to specs (Steps 7 and 8). 4. Sanitization: No explicit validation of repository content is mentioned. This risk is mitigated by the requirement for explicit user confirmation in Step 6.
Audit Metadata