openspec-apply-change

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the openspec CLI through shell commands to list available changes, retrieve project status, and fetch implementation instructions. This is a legitimate and core functionality of the skill.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection: it ingests dynamic JSON from external CLI tool output and uses that data to drive its logic.
      • Ingestion points: JSON output from openspec list, openspec status, and openspec instructions apply (SKILL.md).
      • Boundary markers: Absent; no delimiters are used to isolate, or tell the agent to ignore, instructions that may be embedded in the tool's output.
      • Capability inventory: Shell command execution (openspec tool), file system reading (context files), and file system writing (updating task status in files) (SKILL.md).
      • Sanitization: Absent; the agent is directed to parse the JSON and follow the instructions provided by the tool output directly.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 01:57 AM