kspec-reflect
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns detected. The skill facilitates a productivity workflow using local vendor-owned CLI tools.\n- [COMMAND_EXECUTION]: The skill uses kspec CLI commands (e.g.,
kspec workflow,kspec batch) to manage tasks and session notes. These are standard operations for the kspec environment and do not involve unauthorized shell access or privileged commands.\n- [PROMPT_INJECTION]: Analysis of the Indirect Prompt Injection surface (Category 8):\n - Ingestion points: Reads local git commits, code diffs (staged/unstaged files), and existing task descriptions via
kspec search.\n - Boundary markers: Absent; the skill relies on the LLM to summarize and categorize workspace activity.\n
- Capability inventory: Local command execution for task management (
task add,inbox add,meta observe).\n - Sanitization: None; workspace data is processed as part of the intended reflection process.
Audit Metadata