spec

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The /spec --import <url> and /spec --sync commands allow the agent to fetch content from any user-provided URL. This data is downloaded into the local project structure without source validation.
  • COMMAND_EXECUTION (MEDIUM): The skill utilizes the Bash tool to handle file operations and network fetching (cloning/syncing). If the URL or the resulting directory structure is maliciously crafted, it could lead to command injection or unauthorized file system operations.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection through external specifications.
      • Ingestion points: Remote specification files are fetched and saved to docs/specs/.
      • Boundary markers: There are no explicit instructions telling the agent to ignore the imported content or to treat it as untrusted data when reading it to 'suggest initial TASKs'.
      • Capability inventory: The agent has access to Bash, WebFetch, Write, and Edit tools.
      • Sanitization: No sanitization or safety checks are performed on the imported markdown content before it is parsed and acted upon by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:30 PM