openspec-onboard
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs expected operations for a development tutorial, including scanning for TODO comments and executing local OpenSpec CLI commands.
- [COMMAND_EXECUTION]: All shell commands (openspec, git, mkdir) are specific to the onboarding workflow and do not involve high-risk patterns or arbitrary input execution.
- [PROMPT_INJECTION]: The skill follows a strict instructional pattern (EXPLAIN -> DO -> SHOW) and does not contain instructions that attempt to bypass safety filters or override system behavior.
Audit Metadata