speckit-hotfix

Fail

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the script .specify/scripts/bash/create-hotfix.sh --json "$ARGUMENTS" using unsanitized user input from the $ARGUMENTS variable. This allows an attacker to execute arbitrary shell commands by including shell metacharacters (e.g., ;, &&, |, or backticks) in their input.
  • [PROMPT_INJECTION]: The skill contains instructions that explicitly mandate bypassing standard safety and quality protocols, referring to them as a "deviation from the constitution." This is a pattern used to override the agent's core instructions and safety filters.
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified.
    • Ingestion points: $ARGUMENTS variable in SKILL.md.
    • Boundary markers: Absent; no delimiters or instructions to ignore embedded commands.
    • Capability inventory: Shell command execution and file system writes.
    • Sanitization: None; raw user input is interpolated directly into a shell command.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 13, 2026, 06:47 PM