openspec-sync-specs

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the openspec list --json command to retrieve a list of available changes. This is a functional requirement of the tool and is performed via the associated CLI.
  • [PROMPT_INJECTION]: The skill processes untrusted markdown data from 'delta spec' files located at openspec/changes/<name>/specs/*/spec.md to determine file system modifications.
      • Ingestion points: Content is read from markdown files within the project directory structure.
      • Boundary markers: The agent relies on markdown headers (e.g., ## ADDED Requirements) to parse intent but lacks specific instructions to disregard instructions embedded within the text of those requirements.
      • Capability inventory: The skill can read and write files within the openspec/ directory and execute the openspec CLI tool.
      • Sanitization: There is no evidence of sanitization or strict schema validation for the content read from the delta specs before it is used to edit the main specification files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 29, 2026, 08:50 AM