openspec-explore

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the openspec list --json command to gather information about active project changes.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill reads content from external project files.
      • Ingestion points: The skill reads proposal.md, design.md, and spec.md files from the openspec/ and specs/ directories as documented in SKILL.md.
      • Boundary markers: No specific delimiters or safety prompts are used to isolate content read from these files from the agent's instructions.
      • Capability inventory: The skill can execute CLI commands and write updates to project documentation artifacts as specified in the stance and workflows.
      • Sanitization: There is no mention of sanitizing or validating the content of the project files before they are processed by the AI.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 07:41 AM