doc-cspec-validator
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides commands to execute a local Python validation script
ai_dev_ssd_flow/09_SPEC/scripts/validate_spec.py. This script is part of the repository's internal tooling for quality assurance and does not involve remote script execution. - [DATA_EXPOSURE]: The skill identifies and reads local YAML artifacts (Code Specifications) located within the
docs/09_SPEC/CSPEC/directory to perform validation logic. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes specification files that may be edited by users. Ingestion points:
docs/09_SPEC/CSPEC/CSPEC-NN_{slug}/CSPEC-NN_{slug}.yamlvia theSKILL.mdactivation. Boundary markers: No delimiters or ignore instructions are present. Capability inventory: Python subprocess execution for validation logic. Sanitization: None specified in the instructions. This surface is expected for a validator skill and does not pose an active threat.
Audit Metadata