openspec-ff-change

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes openspec CLI commands to scaffold projects and manage artifact states. These commands are essential to the skill's primary purpose and target the vendor's own command-line utility.
  • [PROMPT_INJECTION]: The skill processes user-provided descriptions to guide the generation of artifact content, which represents an indirect prompt injection surface.
      • Ingestion points: User input is gathered via the AskUserQuestion tool in the initial step.
      • Boundary markers: The skill does not explicitly use delimiters or "ignore instructions" warnings for the user-provided descriptive content.
      • Capability inventory: The skill has the ability to create and modify files on the local system through the OpenSpec CLI.
      • Sanitization: The instructions mitigate direct command injection by requiring the agent to transform user input into a kebab-case format for CLI naming arguments.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 08:44 PM