spec-writer
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a documentation process without utilizing network resources or executing external code.\n- [DATA_EXPOSURE]: The skill accesses the repository's CLAUDE.md for context and creates a SPEC.md file. These operations are confined to the local project environment and align with the skill's stated documentation purpose.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests external content from CLAUDE.md and user prompts. While this represents a data ingestion surface, the skill lacks high-privilege capabilities (like network access or arbitrary command execution) that could be exploited via indirect injection. Mandatory evidence:\n
- Ingestion points: Reads CLAUDE.md (Step 1) and user requirements (Step 1).\n
- Boundary markers: None explicitly defined for ingestion.\n
- Capability inventory: File system write access for SPEC.md (Step 3).\n
- Sanitization: No specific filtering or escaping mechanisms are implemented for the ingested text.
Audit Metadata