openspec-verify-change
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the 'openspec' CLI to manage and retrieve information about project changes. Commands include 'openspec list', 'openspec status', and 'openspec instructions apply'. This is the primary intended behavior of the skill.
- [PROMPT_INJECTION]: The skill processes untrusted data from local project files, creating a surface for indirect prompt injection.
- Ingestion points: Reads 'tasks.md', 'design.md', and specification files from the 'openspec/changes/' directory.
- Boundary markers: None defined; content is read directly from markdown files.
- Capability inventory: Execution of 'openspec' CLI commands and local filesystem read access.
- Sanitization: No specific sanitization or validation of file content is performed prior to processing.
Audit Metadata