spec
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized activities detected. The skill performs legitimate documentation tasks within the local environment.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted user input and codebase data to generate its output.
- Ingestion points: Untrusted data enters via AskUserQuestion and codebase exploration (SKILL.md).
- Boundary markers: There are no explicit markers or instructions to ignore embedded commands in the ingested data.
- Capability inventory: The skill is capable of writing to the local filesystem, specifically creating ./SPEC.md or ./SPEC-.md (SKILL.md).
- Sanitization: No input sanitization or output escaping mechanisms are described in the instructions.
Audit Metadata