speckit-analyze
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE (findings: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a repository-local script, .specify/scripts/bash/check-prerequisites.sh, to determine file paths and verify the existence of required artifacts.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from documentation files such as spec.md, plan.md, and tasks.md (Step 2). While boundary markers are absent, the risk is mitigated by the skill's strictly read-only nature and the inclusion of sanitization instructions for the agent to escape single quotes when passing strings to shell commands (Step 1). The skill's capabilities are limited to local file reading and execution of the specific prerequisite script, providing no path for data exfiltration or unauthorized file modification.
Audit Metadata