superspec-tdd
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
NO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is entirely instructional markdown and localization files. No executable scripts, binaries, or automated tasks are included.
- [PROMPT_INJECTION] (SAFE): The rules enforce a software development methodology and do not attempt to bypass AI constraints, role-play as a restricted entity, or override system safety instructions.
- [DATA_EXFILTRATION] (SAFE): No sensitive file paths, credential markers, or network request patterns are present in the provided files.
- [COMMAND_EXECUTION] (SAFE): References to 'openspec validate' are instructional for the agent and do not constitute a direct command execution vulnerability within the skill itself.
Audit Metadata