Skills
skills/mtymek/opencode-obsidian/openspec-continue-change/Gen Agent Trust Hub

openspec-continue-change

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the openspec CLI tool locally to list changes, check status, and retrieve instructions. While these are intended vendor functionalities, the use of user-supplied change name parameters in shell commands assumes the underlying environment handles shell escaping to prevent command injection.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  • Ingestion points: The agent reads content from local project files identified as dependencies in the openspec CLI output.
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested files.
  • Capability inventory: The agent has the capability to write to the local file system and execute CLI commands.
  • Sanitization: No validation or sanitization of content from dependency files is performed before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 12:49 AM