openspec-explore
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `openspec list --json` to retrieve project context, including active changes and their statuses. This is a local command intrinsic to the skill's purpose as an OpenSpec thinking partner.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it ingests and processes content from local project artifacts.
- Ingestion points: Reads files from the `openspec/changes/` directory, including `proposal.md`, `design.md`, and `tasks.md`.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between its primary goals and the potentially untrusted content of the artifacts.
- Capability inventory: The skill can execute CLI queries and read the filesystem, but it is explicitly forbidden from implementing code or writing application features.
- Sanitization: No sanitization or verification of the artifact content is performed before processing.