openspec-progressive-implementation
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, prompt injection, or data exfiltration risks were identified in the skill body or metadata. The instructions focus on organizational discipline and progressive delivery.\n- [NO_CODE]: This skill is entirely instructional and does not include any Python scripts, Node.js packages, or binary executables.\n- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it ingests data from external artifacts (
tasks.md) and executes commands derived from that data. However, the risk is addressed through explicit procedural controls.\n - Ingestion points: The skill reads implementation instructions and 'gate' commands from the
proposal.mdandtasks.mdfiles.\n - Boundary markers: The skill requires the use of
<!-- PHASE CHECKPOINT -->markers to clearly delimit implementation stages.\n - Capability inventory: The skill involves the execution of arbitrary shell commands for testing and phase verification.\n
- Sanitization: No automated sanitization of input commands is described; instead, the skill mandates a 'STOP and wait for human confirmation' protocol after every phase to ensure human oversight of the execution process.
Audit Metadata