spec-driven-review
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Node.js script `scripts/spec-driven.js` to manage the review lifecycle. This is a vendor-provided script and does not involve remote code or network access.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes external project documents and source code.
  1. Ingestion points: Files within `.spec-driven/changes/` and project source code.
  2. Boundary markers: Absent; instructions do not specify delimiters for external content.
  3. Capability inventory: Local script execution via `node` in SKILL.md.
  4. Sanitization: No sanitization is mentioned for the ingested data.
Audit Metadata