Skills
skills/costicapuntaru/agentica/openspec-bugfix/Gen Agent Trust Hub

openspec-bugfix

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various commands using the openspec CLI tool to manage changes, check status, and generate artifacts.
  • Evidence: SKILL.md contains commands such as openspec new change "<name>" --schema bugfix, openspec status --change "<name>", and openspec ff change "<name>".
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to the way it handles untrusted user data.
  • Ingestion points: User-provided details including reproduction steps, expected behavior, and actual behavior are gathered in SKILL.md (Step 1).
  • Boundary markers: There are no explicit instructions to use delimiters or XML-style boundary markers when interpolating this user data into the proposal.md or other specification files.
  • Capability inventory: The agent has the capability to execute system commands via the openspec CLI and perform file system write operations.
  • Sanitization: The skill does not implement any validation, escaping, or sanitization of the user-provided text before it is written to the project's documentation and subsequently processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 01:04 PM