spec-init
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface. Ingestion points: User input from the questioning workflow in SKILL.md. Boundary markers: None; user answers are directly placed into markdown templates. Capability inventory: The agent uses Write and Edit tools to create spec files. Sanitization: None identified.
- [SAFE]: No instances of prompt injection, hardcoded credentials, malicious downloads, or unauthorized command execution were detected in the skill scripts or metadata.
Audit Metadata