tracking-spec-writer
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified in the analyzed skill files. The skill functions as a productivity tool for generating tracking specifications based on user input and a predefined local HTML template.
- [SAFE]: The HTML template (assets/spec-template.html) is securely implemented. The embedded JavaScript uses textContent for data rendering, effectively preventing potential Cross-Site Scripting (XSS) in the generated output files.
- [SAFE]: The skill does not perform any unauthorized network requests, credential harvesting, or suspicious command executions. Its operations are limited to text processing and standard file interactions expected for documentation generation.
Audit Metadata