spec-writer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting and acting upon untrusted data from the local environment.
- Ingestion points: Reads files provided as arguments and explores the broader codebase context via file system tools (SKILL.md).
- Boundary markers: Absent; there are no specific delimiters or instructions provided to the agent to help it ignore potentially malicious instructions embedded within the files it reads.
- Capability inventory: The skill possesses the ability to read from the file system and write or overwrite specification files (SKILL.md).
- Sanitization: Absent; content from processed files is interpolated into the agent's context without validation or filtering.
- [NO_CODE]: The skill consists of markdown-based instructions for the AI agent and does not include any standalone executable scripts or binaries.
- [COMMAND_EXECUTION]: The skill uses file system tools to explore the codebase and write technical specifications to disk as part of its core behavior.
- [EXTERNAL_DOWNLOADS]: The README provides instructions for downloading the skill from the author's official repository using npx skills add victoralbino/agent-skills.
Audit Metadata