openspec-verify-change

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by ingesting and processing untrusted project files to drive its verification logic.
      • Ingestion points: The skill reads tasks.md, design.md, and multiple markdown specification files from the openspec/changes/ directory.
      • Boundary markers: Absent. The instructions do not utilize XML tags, triple quotes, or specific guidance to the agent to disregard instructions found within the analyzed artifacts.
      • Capability inventory: The skill executes openspec CLI commands and performs recursive codebase searches for implementation evidence.
      • Sanitization: Content from external files is parsed directly for requirements (e.g., searching for "### Requirement:") and status checkboxes without escaping or validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 4, 2026, 08:44 AM