openspec-apply-change
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill's instructions are entirely focused on a legitimate software development workflow. It uses the openspec CLI to manage local project state, which is consistent with its stated purpose.
- [COMMAND_EXECUTION]: The skill executes various openspec CLI subcommands (list, status, instructions) to retrieve structured data. These operations are restricted to the local environment and use quoted variables to prevent basic command injection.
- [SAFE]: File access is limited to reading project context files and updating task checklists as directed by the CLI tool's output. No access to sensitive system files or credentials was detected.
Audit Metadata