spec-driven-verify

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local script, spec-driven.js, using Node.js to perform verification tasks. These commands include a <name> placeholder that is populated from user input. While this is standard for this type of tool, it relies on the agent to ensure the input does not contain shell metacharacters.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external files like proposal.md and design.md which could contain malicious instructions designed to bypass verification logic.
  • Ingestion points: Processes proposal.md, design.md, and delta spec files in .spec-driven/changes/<name>/specs/ (SKILL.md).
  • Boundary markers: No specific delimiters or safety instructions are used to separate spec content from the agent's core instructions.
  • Capability inventory: The agent can execute local shell commands via Node.js as part of the verification process (SKILL.md).
  • Sanitization: No content sanitization or validation is specified for the processed files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 07:08 AM