openspec-ff-change
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the local environment by executing the `openspec` command-line interface. It uses commands such as `openspec new change`, `openspec status`, and `openspec instructions` to manage the lifecycle of project artifacts. These operations are limited to the scope of the OpenSpec project directory.
- [DATA_EXPOSURE]: The skill reads structured JSON data generated by the OpenSpec CLI and processes local artifact files. It does not attempt to access sensitive system files, environment variables, or user credentials.
- [PROMPT_INJECTION]: The instructions contain clear logic for artifact generation and do not include any patterns intended to bypass AI safety guardrails or override system prompts.
- [EXTERNAL_DOWNLOADS]: The skill does not perform any network requests, external downloads, or remote code execution. All operations are performed locally using the pre-installed OpenSpec CLI tool.
Audit Metadata