openspec-onboard
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using the openspec CLI (e.g., status, new, archive) and git to manage project state and history.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it reads and analyzes codebase content to identify development tasks. Ingestion points: Reads local source files to scan for TODO, FIXME, and other markers. Boundary markers: Absent; no delimiters are used to separate ingested code from agent instructions. Capability inventory: Executes openspec CLI commands and modifies project files. Sanitization: No evidence of validation or sanitization for data extracted from the codebase.
Audit Metadata