speckit-plan
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local bash scripts located at
.specify/scripts/bash/setup-plan.shand.specify/scripts/bash/update-agent-context.sh. These scripts are used for environment setup and updating local context files. - [PROMPT_INJECTION]: The skill processes external feature specifications (
specs/<feature>/spec.md) to generate implementation plans. While this introduces a surface for indirect prompt injection, the skill includes explicit instructions for the agent to properly escape arguments (e.g., handling single quotes) when passing data to shell commands, which serves as a mitigation against command injection. - [DATA_EXPOSURE]: The skill reads repository context, including a
constitution.mdfile and feature specs, to inform architectural decisions. This access is consistent with the skill's stated purpose of generating technical implementation plans.
Audit Metadata