speckit-install
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the installation script for the
uvtool from Astral's official domain (astral.sh). - [REMOTE_CODE_EXECUTION]: Executes the
uvinstallation script by piping it directly to the system shell (sh). - [EXTERNAL_DOWNLOADS]: Downloads and installs the
specify-clipackage from the official GitHub repository for Spec Kit (github/spec-kit). - [COMMAND_EXECUTION]: Utilizes
uv tool installanduvxcommands to install and manage the Specify CLI binary on the host system.
Audit Metadata