Skills
skills/madebyaris/spec-kit-command-cursor/sdd-audit/Gen Agent Trust Hub

sdd-audit

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill includes a shell script scripts/validate.sh that executes local commands including grep, find, and npx. These are used for static analysis and running standard development tools (TSC, ESLint).
  • [INDIRECT_PROMPT_INJECTION] (LOW): The workflow involves reading external documentation files (spec.md, plan.md, etc.). While this is an ingestion surface for untrusted data, the impact is limited to the generated audit report.
  • Ingestion points: spec.md, plan.md, tasks.md, todo-list.md (read via file system)
  • Boundary markers: None explicitly defined in the workflow for separating data from instructions.
  • Capability inventory: Local file system read access and shell command execution via scripts/validate.sh.
  • Sanitization: None; the agent is expected to interpret the content of these files directly.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 06:13 PM