openspec-proposal-creation

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): Employs common shell utilities like find, grep, mkdir, and awk to manage local directories and validate file structure. These operations are restricted to the spec/ directory and are appropriate for the skill's purpose.
  • [PROMPT_INJECTION] (LOW): Susceptible to Indirect Prompt Injection (Category 8).
      • Ingestion points: Uses grep and find to read existing specification content from the spec/ directory to inform new proposal creation (SKILL.md Step 1).
      • Boundary markers: Absent; the skill does not use delimiters or explicit 'ignore embedded instructions' warnings when processing content from existing files.
      • Capability inventory: The skill allows for directory creation (mkdir) and file writing via the agent's standard capabilities.
      • Sanitization: Absent; no input validation or escaping is performed on the data read from the local filesystem before it enters the agent's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:13 PM