spec-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security risks identified.
- The skill uses a limited toolset (Read, Glob, Grep) restricted to repository files.
- All operations are focused on text processing and transformation between specification formats (EARS, Gherkin, YAML).
- No network access or remote code execution patterns were found.
- [Indirect Prompt Injection] (SAFE): While the skill processes external data (requirements and specifications), it lacks dangerous capabilities, such as shell execution or arbitrary network requests, that would make it vulnerable to indirect injection. It acts as a passive processor for structured specification data.