technical-specification
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill utilizes standard system commands including
git status,git log,git commit, andlsto manage the specification creation process. These commands are restricted to the local repository and used solely for workflow management. - [Indirect Prompt Injection] (SAFE): The skill is designed to ingest and synthesize untrusted data from local source files such as discussions and research notes.
- Ingestion points: Source material is read from directories like
docs/workflow/discussion/anddocs/workflow/research/. - Boundary markers: There are no explicit delimiters used when interpolating source content into the prompt.
- Capability inventory: The skill is restricted to file system read/writes within the specific project workspace and basic Git operations. It lacks network access or arbitrary code execution capabilities.
- Sanitization: The skill mitigates risks through a mandatory human-in-the-loop validation step ('STOP AND WAIT') for every content extraction, ensuring the user approves all data before it is logged to the final specification.
Audit Metadata