Skills
skills/lis186/ccxray/openspec-apply-change/Gen Agent Trust Hub

openspec-apply-change

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes 'openspec' CLI commands, including 'openspec list', 'openspec status', and 'openspec instructions', to retrieve metadata and task lists for a project change.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it reads and processes data from external files (e.g., proposals, specs, designs) to guide implementation.
  • Ingestion points: The agent reads context files listed in the 'contextFiles' field of the CLI command output.
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested context files.
  • Capability inventory: The skill allows the agent to modify source code and execute shell commands based on task descriptions.
  • Sanitization: The skill does not perform sanitization or validation of the content within the ingested project files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 03:17 PM