visual-spec-skill
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The analysis did not reveal any malicious patterns. The skill's operations are consistent with its stated purpose of automating requirement analysis and software prototyping.
- [COMMAND_EXECUTION]: The skill contains instructions to execute local development scripts (e.g., 'npm test', 'lint') to verify implementation and testing coverage. These actions are standard for development-focused AI agents and occur within the context of the user's project environment.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided business requirements to generate code and documentation. This ingest-and-generate cycle is a common surface for indirect prompt injection; however, the risk is considered low as the skill focuses on structuring data into predictable formats and requires the user to oversee the generated output.
Audit Metadata