openspec-archive-change
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands including 'mkdir -p' to create archive directories and 'mv' to relocate change folders. It also utilizes the 'openspec' CLI for status and list operations, which is consistent with the skill's stated purpose for managing this specific workflow.\n- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its handling of external data source content.\n
- Ingestion points: The agent reads the 'tasks.md' file and parses JSON output from the 'openspec status' command to determine workflow progress.\n
- Boundary markers: There are no explicit delimiters or instructions provided to isolate ingested task descriptions or artifact data from the agent's core instruction set.\n
- Capability inventory: The skill can perform filesystem modifications (moving directories) and invoke the 'openspec-sync-specs' sub-skill based on logic derived from the ingested data.\n
- Sanitization: The instructions do not specify validation or escaping for change names or task content before they are used in command-line arguments or prompts.
Audit Metadata