speckit-initial
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run the 'specify' CLI tool to initialize a project, which includes setting up a local directory structure and registering slash commands for various AI agents.
- [EXTERNAL_DOWNLOADS]: The initialization process involves fetching configuration and template files from the Spec Kit repository hosted on GitHub (github.com/github/spec-kit). This is documented as a core feature of the tool.
- [COMMAND_EXECUTION]: The documentation includes guidance on providing a GitHub token for private repository access via environment variables or command-line flags, adhering to standard security practices.
Audit Metadata