spec-driven-archive
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes Node.js to run a local script `spec-driven.js` for listing, checking, and archiving changes. This is standard operational behavior for this type of development utility.
- [INDIRECT_PROMPT_INJECTION]: The skill processes markdown files from the `.spec-driven` directory which may contain untrusted content.
  - Ingestion points: Files located in `.spec-driven/changes/<name>/specs/` are read and merged into main specification files.
  - Boundary markers: The process relies on `### Requirement:` headers; however, there are no specific instructions or delimiters provided to prevent the agent from interpreting embedded instructions within these requirement blocks as commands.
  - Capability inventory: The agent has capabilities to read/write files in the local repository and execute Node.js commands based on the context of these specifications.
  - Sanitization: The skill does not perform sanitization or validation of the requirement text before merging or summarizing changes.
Audit Metadata