speckit-clarify
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script located at `.specify/scripts/bash/check-prerequisites.sh`. This is a functional component used to resolve project-specific file paths and does not involve remote code downloads.
- [PROMPT_INJECTION]: The skill processes user arguments and external content from a requirement specification file.
  - Ingestion points: Data enters the context via the `$ARGUMENTS` variable and the `FEATURE_SPEC` file.
  - Boundary markers: None explicitly defined for the file content scanner.
  - Capability inventory: The skill can execute a local bash script and perform file write operations to the project directory.
  - Sanitization: The instructions include explicit rules for escaping single quotes in user arguments to prevent command injection.
Audit Metadata