openspec-new-change

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands using the openspec CLI to initialize change directories (openspec new change), check status (openspec status), and retrieve templates (openspec instructions). Commands are constructed using strings derived from user input.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by incorporating user-provided feature descriptions into file system operations.
      • Ingestion points: User input captured via the AskUserQuestion tool in Step 1.
      • Boundary markers: No explicit delimiters or boundary warnings are used for the interpolated data.
      • Capability inventory: The skill performs shell command execution and local directory creation via the openspec CLI.
      • Sanitization: The skill includes specific instructions to derive a kebab-case name from user input and mandates validation of the name format before proceeding, which effectively mitigates command injection risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 08:44 AM