openspec-bulk-archive-change
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands `mkdir` and `mv` to manage the local `openspec/` directory for archiving purposes. These commands use change names obtained from the CLI tool but are mitigated by a mandatory user selection and confirmation process.
- [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface in its conflict resolution logic.
  - Ingestion points: Reads content from `openspec/changes/<name>/tasks.md`, `openspec/changes/<name>/specs/` directories, and the broader project source code in `SKILL.md`.
  - Boundary markers: Does not utilize explicit boundary markers or instruction-guarding delimiters when reading external file content.
  - Capability inventory: Includes directory movement (`mv`), directory creation (`mkdir`), and agentic file modification during the spec synchronization phase.
  - Sanitization: Relies solely on agent reasoning for merging and processing data without predefined sanitization or input validation logic.
Audit Metadata