spec-creator
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or unauthorized access patterns were identified in the skill.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by reading existing SPEC.md files and user input. This is an inherent part of its functionality and poses minimal risk as the output is confined to documentation text.
- Ingestion points: Ingests existing
SPEC.mdcontent and user responses to interview questions as defined inSKILL.md. - Boundary markers: No delimiters or instructions are used to separate ingested data from agent instructions.
- Capability inventory: Performs file system read and write operations within the repository root as described in
SKILL.md. - Sanitization: No sanitization of the input text is implemented before it is incorporated into the drafted specification.
- [COMMAND_EXECUTION]: The skill supports writing to alternative file paths upon user request. While intended for flexible documentation storage, this capability allows for writing to arbitrary locations within the repository environment.
Audit Metadata