Geek-skills-openspec-apply-change

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands using the openspec CLI (e.g., openspec status, openspec instructions, openspec list) to manage and implement software changes.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its core workflow. It ingests data from external sources and project files which could contain malicious instructions designed to manipulate the agent's behavior during implementation.
  • Ingestion points: Reads output from openspec instructions apply and the contents of various project files listed in contextFiles (e.g., specs, tasks, design documents).
  • Boundary markers: None. The prompt does not define delimiters or specific instructions to ignore embedded commands within the processed files.
  • Capability inventory: The skill has the ability to execute shell commands via the openspec tool and perform file read/write operations to implement tasks.
  • Sanitization: No evidence of input validation, escaping, or sanitization of the content retrieved from external files or CLI outputs before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 03:09 AM