spec-driven-modify
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script (scripts/spec-driven.js) to list and manage active change artifacts. This script is a functional component provided with the skill.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and processes content from project files (proposal.md, specs/, design.md, etc.) to determine its next actions.
  - Ingestion points: The skill reads multiple workspace files including proposal.md, design.md, tasks.md, questions.md, and any files within the specs/ directory.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are used when reading these files.
  - Capability inventory: The skill is authorized to read/write workspace files and execute a specific local node script.
  - Sanitization: The instructions do not specify any sanitization or validation of the data retrieved from the ingested files.
Audit Metadata