openspec-archive-change
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands (
mkdir,mv) to manage the file system for archiving purposes. - [COMMAND_EXECUTION]: The skill relies on an external CLI tool (
openspec) to list changes and check statuses. This is consistent with the skill's stated purpose of integrating with the openspec experimental workflow. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from local files (
tasks.md) and CLI outputs to count completed tasks and artifacts. - Ingestion points: Reading
tasks.mdand parsing JSON output fromopenspec statusandopenspec list. - Boundary markers: None explicitly defined for file parsing.
- Capability inventory: File system modification (
mkdir,mv) and subagent invocation for syncing specs. - Sanitization: None specified for the content of the tasks file, though the agent is instructed specifically to count task markers rather than execute the content.
Audit Metadata