openspec-verify-change

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the openspec CLI, a tool associated with the vendor mtymek. It constructs shell commands by interpolating variables, such as openspec status --change "<name>" --json. This pattern is susceptible to command injection if the <name> parameter contains malicious shell metacharacters.
  • [PROMPT_INJECTION]: The skill reads and evaluates content from external project files, which creates an attack surface for indirect prompt injection.
      • Ingestion points: The agent reads and processes data from tasks.md, design.md, and specification files within openspec/changes/.
      • Boundary markers: The instructions do not define boundary markers or include directives to ignore instructions that might be embedded in the analyzed files.
      • Capability inventory: The skill has permissions to read local files and execute the openspec CLI tool.
      • Sanitization: There is no explicit sanitization or validation of the data ingested from the file system before it is analyzed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 12:48 AM