speckit-tasks
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes a local bash script (.specify/scripts/bash/check-prerequisites.sh) to discover project metadata and available documentation.
- [PROMPT_INJECTION]: The skill ingests data from external project documents such as plan.md, spec.md, and data-model.md, creating a surface for indirect prompt injection.
- Ingestion points: Multiple Markdown documents within the project's FEATURE_DIR are read and processed.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content within these files.
- Capability inventory: The skill possesses file system write access and the ability to execute local shell scripts.
- Sanitization: The contents of the documents are used directly to drive the task generation logic without validation or sanitization.
Audit Metadata