openspec-onboard

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE; flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes several shell commands including openspec, git log, and mkdir to manage project state and the OpenSpec workflow cycle. These executions are core to the skill's purpose of teaching the CLI tool.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from the user's codebase, such as TODO/FIXME comments and source code patterns, to suggest relevant tasks.
    • Ingestion points: Local codebase files (comments, logic, types) and git history.
    • Boundary markers: No explicit boundary markers or isolation instructions are used when presenting analyzed code to the agent.
    • Capability inventory: Shell command execution (openspec, git) and file/directory creation (mkdir).
    • Sanitization: There is no evidence of content sanitization or validation of the data read from the codebase before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:50 AM