openspec-sync-specs

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute the openspec list --json command to retrieve a list of available changes. This involves running a local CLI tool as part of its core functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes natural language content from external markdown files to guide its file-system operations.
      • Ingestion points: Reads files from openspec/changes/<name>/specs/*/spec.md and openspec/specs/<capability>/spec.md.
      • Boundary markers: Absent; the instructions do not define strict delimiters or include warnings to ignore instructions embedded within the spec files.
      • Capability inventory: The agent has permission to read files, write files, and execute the openspec CLI tool.
      • Sanitization: Absent; there is no logic provided to sanitize or validate the text content within the specifications before it is used to determine edit operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 01:18 AM