Skills
skills/finger-gun/sisu/openspec-new-change/Gen Agent Trust Hub

openspec-new-change

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various openspec CLI commands (new change, status, instructions) which are specialized tools associated with the skill's author.
  • [PROMPT_INJECTION]: Includes standard instructional constraints (e.g., 'Do NOT create any artifacts yet') to manage the agent's workflow; these do not attempt to bypass safety filters or override system instructions.
  • [INDIRECT_PROMPT_INJECTION]: The skill accepts user-provided strings for project names and descriptions which are then used in shell commands.
  • Ingestion points: User input requested in Step 1 of SKILL.md.
  • Boundary markers: Command arguments are encapsulated in double quotes.
  • Capability inventory: Shell command execution via the openspec CLI.
  • Sanitization: The skill explicitly instructs the agent to enforce a kebab-case format for input and to ask for validation if the name is invalid, which mitigates common shell injection vectors.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 07:41 AM