spec-kitty-sync-plugin

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash commands to detect project state, compare git differences between local and upstream content, and verify the existence of protected configuration files.
  • [EXTERNAL_DOWNLOADS]: It manages the installation and upgrading of the spec-kitty-cli Python package via pip and updates project plugins using the npx skills command.
  • [REMOTE_CODE_EXECUTION]: Executes a local Python script, sync_configuration.py, to reconcile updated templates with custom augmented knowledge.
  • [PROMPT_INJECTION]: Includes instructions to ensure the agent executes bash commands rather than simulating them; these are functional requirements and do not target safety filter bypasses.
  • [SAFE]: The project 'Constitution' enforces a mandatory approval protocol for all state-changing operations, significantly mitigating the risk of unauthorized file modifications or command execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 08:39 AM