openspec-sync-specs

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the openspec list --json command to retrieve available changes. This command is a core part of the skill's functionality and interacts with the project-specific 'openspec' CLI.
  • [PROMPT_INJECTION]: The skill processes content from 'delta spec' Markdown files to update main specifications, which introduces a surface for indirect prompt injection.
      • Ingestion points: Data is read from files located at openspec/changes/<name>/specs/*/spec.md as described in SKILL.md.
      • Boundary markers: Absent; the instructions direct the agent to read and interpret the files directly without specific delimiters or isolation.
      • Capability inventory: The agent is authorized to read, create, and modify files within the openspec/ directory structure.
      • Sanitization: No validation or sanitization of the specification content is mentioned; the agent relies on 'intelligent merging' to apply changes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 4, 2026, 08:44 AM