openspec-apply-change
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
openspecCLI to list, check status, and retrieve instructions for implementation changes. These commands are used to manage the development workflow and track progress through JSON-formatted output. - [DATA_EXPOSURE]: The skill reads project files (such as proposals, specifications, and design documents) to gather necessary context for code implementation. This file access is restricted to the paths provided by the CLI and is required for the tool's primary function.
- [SAFE]: Analysis of the skill instructions found no evidence of malicious patterns. There are no signs of prompt injection, data exfiltration to external domains, obfuscation, or unauthorized privilege escalation. The behavior is consistent with a legitimate developer productivity tool.
Audit Metadata