spec-clarify
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill workflow executes a bash script located at `.specify/scripts/bash/check-prerequisites.sh`. Running shell scripts allows for arbitrary command execution on the host environment, and the script's contents are not provided for safety verification.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it reads and processes untrusted data from `spec.md`. Evidence:
  1. Ingestion points: Reads `spec.md` in the Load Spec step.
  2. Boundary markers: None identified in the prompt logic to delimit the spec content.
  3. Capability inventory: Executes bash scripts and performs file writes to `spec.md`.
  4. Sanitization: No sanitization or validation of the specification content is mentioned.
Audit Metadata