Skills
skills/ada20204/antigravity-sync-mcp/openspec-archive-change/Gen Agent Trust Hub

openspec-archive-change

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands (mkdir -p, mv) and the openspec CLI to manage the lifecycle of change directories. These operations are restricted to the local file system within the openspec/ directory structure.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes untrusted data from the local environment to determine its execution flow.
  • Ingestion points: The skill parses JSON output from openspec list and openspec status, and reads the contents of tasks.md to check for completion markers (- [ ]).
  • Boundary markers: No specific delimiters or instructions are used to isolate the data being processed from the agent's core instructions.
  • Capability inventory: The skill has the capability to modify the file system via mkdir and mv commands based on the data it processes.
  • Sanitization: The skill does not explicitly sanitize the data read from files or CLI outputs before using it in shell command arguments, although it does require user confirmation via the AskUserQuestion tool before proceeding with potentially destructive actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 01:07 PM