openspec-continue-change
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs local command execution by calling the
openspecCLI tool to list changes, check status, and retrieve artifact-specific instructions. - [COMMAND_EXECUTION]: It uses shell commands to interact with the file system, specifically reading dependency artifacts and writing new files to paths defined by the CLI's output.
- [PROMPT_INJECTION]: The skill ingests untrusted data from both the CLI's JSON output (instructions, templates, context) and local project files. It includes explicit guardrails to treat this data as constraints for the agent's behavior rather than content to be directly output, mitigating typical indirect injection risks.
Audit Metadata