Skills
skills/ada20204/antigravity-sync-mcp/openspec-bulk-archive-change/Gen Agent Trust Hub

openspec-bulk-archive-change

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the openspec CLI to perform status checks and synchronization tasks within the local environment.
  • [COMMAND_EXECUTION]: Uses system-level commands (mkdir and mv) to manage the archiving of change directories.
  • [PROMPT_INJECTION]: Exhibits an attack surface for indirect prompt injection (Category 8) by reading and interpreting natural language requirements from local files to drive its "agentic" conflict resolution logic.
  • Ingestion points: Reads content from openspec/changes/<name>/tasks.md and openspec/changes/<name>/specs/ directories.
  • Boundary markers: No explicit markers or delimiters are used to separate requirement strings from agent instructions.
  • Capability inventory: Includes file read/write access, directory management, and execution of the openspec CLI.
  • Sanitization: No validation or sanitization is performed on requirement names extracted from delta specs before they are used to guide codebase searches.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 01:08 PM