speccy
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from the local project environment, which could contain adversarial instructions.
- Ingestion points: The skill reads `CLAUDE.md`, files within the `specs/` directory, design documents, and project source code to build context in Stage 1.
- Boundary markers: No explicit delimiters or specific instructions are used to separate the content of these files from the agent's system instructions.
- Capability inventory: The skill can execute Bash commands (`mkdir`), write files to the disk (`Write`), and invoke other skills (`/build`, `/prime`) via the `Skill` tool.
- Sanitization: No explicit sanitization or validation of the content read from files is performed before processing.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute `mkdir -p specs`. This is a standard operation used for project organization and does not involve high-risk commands or privilege escalation.
Audit Metadata