speckit-modify
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill takes user input from the '$ARGUMENTS' variable and incorporates it into shell commands and file content without sanitization.
- [REMOTE_CODE_EXECUTION]: The skill invokes the bash script '.specify/scripts/bash/create-modification.sh' using arguments provided by the user. This pattern can be vulnerable if the script does not correctly escape inputs.
- [INDIRECT_PROMPT_INJECTION]: The skill reads existing feature specifications and impact analysis files to inform its behavior, which could lead to malicious instruction execution if those files are compromised. 1. Ingestion points: $ARGUMENTS, IMPACT_FILE, spec.md. 2. Boundary markers: Absent. 3. Capability inventory: Local shell script execution. 4. Sanitization: None.
Audit Metadata