spec-driven-auto

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill manages its workflow using a local script (node {{SKILL_DIR}}/scripts/spec-driven.js). This command execution is intended for internal state management and task automation.
  • [PROMPT_INJECTION]: The skill's design involves reading project configuration and specification files, which presents a surface for indirect prompt injection.
    • Ingestion points: Configuration files (config.yaml), index files (INDEX.md), and codebase source files.
    • Boundary markers: No explicit delimiters are used to wrap or sanitize content read from project files.
    • Capability inventory: The agent possesses file system access (read/write), shell command execution (ls), and local script execution (node).
    • Sanitization: There is no evidence of content validation or filtering for data ingested from the project environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 02:18 PM