openspec-apply-change
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes 'openspec' CLI commands like 'list', 'status', and 'instructions' to automate development tasks. This is the intended functionality for the tool provided by the vendor.
- [EXTERNAL_DOWNLOADS]: The skill relies on the 'openspec' CLI as a pre-installed dependency. No external scripts are downloaded or executed during runtime.
- [PROMPT_INJECTION]: The skill processes project files that could contain indirect instructions.
  1. Ingestion points: Reads files from the 'contextFiles' list (Step 4).
  2. Boundary markers: None identified.
  3. Capability inventory: Includes file modification and command execution.
  4. Sanitization: None identified.

  These factors are within the expected scope of the tool's primary purpose.
Audit Metadata