spec-kitty-checklist

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the local command "spec-kitty agent feature check-prerequisites --json" to retrieve the environment configuration and available document list.
  • [PROMPT_INJECTION]: The skill processes content from external files (spec.md, plan.md, tasks.md) which may contain untrusted data.
      • Ingestion points: Reads requirements and technical details from spec.md, plan.md, and tasks.md in the feature directory.
      • Boundary markers: Absent. The skill does not use specific delimiters or instructions to ignore embedded prompts within the loaded files.
      • Capability inventory: The skill can read local project files, create directories, and write new checklist files ([domain].md) to the file system.
      • Sanitization: No sanitization or validation logic is applied to the content retrieved from the specification files before it is processed by the LLM.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 03:00 AM