Spec Kit

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent instruction-only Spec Kit helper, with user-directed setup and build commands that can run remote tooling and change project files.

This skill appears purpose-aligned for Spec Kit development workflows. Before using it, verify the GitHub source used by the uvx setup command, prefer pinned versions when possible, and review generated file changes, tests, and Git commits before sharing or pushing them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The tool code fetched during setup could change over time if the upstream repository changes.

Why it was flagged

The setup command runs tooling directly from a GitHub repository, and the artifact does not pin a commit, tag, or release version.

Skill content

uvx --from git+https://github.com/github/spec-kit.git specify init <PROJECT_NAME>

Recommendation

Verify the GitHub repository before running the command, and consider pinning to a trusted release, tag, or commit when possible.

What this means

Using the build command can make real changes to a repository, including committed changes that may later be pushed or shared.

Why it was flagged

The documented build workflow can modify project files, execute tests, and create Git commits.

Skill content

Generates code based on spec + plan
- Creates files incrementally
- Runs tests as specified
- Commits progress to Git

Recommendation

Run these commands in the intended project directory, review diffs and generated commits, and keep backups or version control before using build automation.

What this means

Project-local specs, constitutions, or configuration can influence future code generation and planning.

Why it was flagged

The skill describes persistent project configuration and branch-based context that is reused by later Spec Kit commands.

Skill content

Creates:
- `.speckit/` directory with configuration
...
Context is automatically loaded when you run Spec Kit commands.

Recommendation

Treat .speckit files and specs as trusted project inputs; review them when switching branches, accepting contributions, or working in repositories from others.