openspec-archive-change

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the openspec CLI utility to interact with the project's change tracking system and verify artifact status.
  • [COMMAND_EXECUTION]: Uses standard shell commands including mkdir -p and mv to create archive structures and relocate project directories.
  • [DATA_EXPOSURE]: Reads local project files such as tasks.md and markdown specifications to determine the completion and synchronization state of a change.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from local project files which creates a surface for indirect prompt injection.
      1. Ingestion points: Reading tasks.md and various .md specification files.
      2. Boundary markers: None specified to delimit ingested content.
      3. Capability inventory: Subprocess calls to openspec CLI, filesystem modification (mkdir, mv).
      4. Sanitization: No sanitization of file content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 01:18 AM