openspec-propose

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the openspec CLI (e.g., openspec new change, openspec status, openspec instructions) to automate workspace scaffolding and retrieve project metadata. These operations are consistent with the skill's primary function and are limited to the local development environment.
  • [PROMPT_INJECTION]: The skill ingests external data from CLI tool outputs which could influence agent behavior, representing an indirect prompt injection surface.
      • Ingestion points: Instruction data and project context are read from the openspec instructions --json command output in Step 4.
      • Boundary markers: No explicit delimiters are used in the prompt to separate ingested context from the agent's core instructions.
      • Capability inventory: The skill maintains capabilities for shell command execution and local filesystem writes.
      • Sanitization: The AI is instructed to normalize user-provided input into kebab-case identifiers before passing them to CLI commands, which helps mitigate potential command injection risks.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 01:38 AM