speckit-taskstoissues

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE

COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local prerequisite script .specify/scripts/bash/check-prerequisites.sh to identify project metadata and task file locations.
  • [COMMAND_EXECUTION]: Interacts with the local environment using git config to verify the repository's origin URL and uses gh issue create to synchronize tasks with GitHub.
  • [DATA_EXFILTRATION]: Processes the contents of tasks.md for transmission to a remote GitHub repository. This data flow is the primary intended function of the skill and is protected by a mandatory check to ensure the target repository matches the project's git remote.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from tasks.md, which could theoretically contain malicious instructions. However, the skill processes this content as data for issue creation rather than as instructions for the agent's logic, and the capabilities (issue creation) are limited in scope.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 6, 2026, 10:48 AM