openspec-to-beads

The skill functions as a workflow orchestration bridge with read-access to planning artifacts and write-access to Beads issues. Its footprint is coherent with a legitimate development tooling scenario, focusing on traceability and proactive gap detection. No obvious credential harvesting, remote execution, or data exfiltration patterns are present. The main risk is misconfiguration leading to unintended data exposure in issue descriptions or improper task prioritization; mitigations include strict access controls, audit logging, and verified templates.