openspec-finishing-branch
Fail
Audited by Socket on Feb 16, 2026
1 alert found:
Malware (HIGH): SKILL.md
[Skill Scanner] Destructive bash command detected (rm -rf, chmod 777).
This skill's behavior is coherent with its stated purpose: finishing a branch and archiving OpenSpec changes. The main security concerns are operational (destructive rm -rf, irreversible branch deletion) and trust in the external 'openspec' CLI (provenance and network behavior unspecified). There is no direct evidence of malicious intent in the manifest/instructions themselves. Treat the openspec CLI as an untrusted dependency until its origin and network behavior are verified, and ensure confirmations and backups before discard/merge operations.
Confidence: 95%
Severity: 90%
Audit Metadata