openspec-proposal-creation-cn
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes local shell commands including
find,grep,ls,mkdir, andawkfor automating file discovery, directory creation, and structure validation as described inSKILL.mdandreference/VALIDATION_PATTERNS.md. - PROMPT_INJECTION (LOW): The skill demonstrates an indirect prompt injection surface (Category 8) because user-controlled strings like
{change-id}are placed into shell command templates. Evidence Chain: 1. Ingestion points:{change-id}and{capability-name}inSKILL.md. 2. Boundary markers: Absent. 3. Capability inventory:mkdir,ls,grep,find, andawk. 4. Sanitization: Absent in the provided skill scripts.
Audit Metadata