openspec-explore
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `openspec list --json` command to retrieve a list of active changes and project status. This is a standard operation for the tool's intended functionality and is restricted to local metadata retrieval.
- [PROMPT_INJECTION]: The instructions include explicit negative constraints (NEVER write code or implement features) to prevent the agent from making unauthorized changes to the codebase while in explore mode. These act as behavioral guardrails.
- [DATA_EXFILTRATION]: While the skill reads codebase files and documentation for context, there are no network operations or patterns suggesting that data is being sent to external servers or that sensitive system files are being targeted.
- [REMOTE_CODE_EXECUTION]: No patterns were found indicating the download or execution of external scripts or untrusted packages; the skill relies on the pre-installed `openspec` CLI.