The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes openspec commands (e.g., openspec list, openspec status, and openspec instructions apply) to retrieve project context and artifact locations. This usage is consistent with the skill's stated purpose of change verification.
[PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and interprets documentation files that could contain malicious instructions.
Ingestion points: The skill ingests data from tasks.md, design.md, and specification files located within the openspec/changes/ directory.
Boundary markers: The skill does not implement boundary markers or instructions to the agent to disregard instructions embedded within the source artifacts.
Capability inventory: The agent is authorized to execute the openspec CLI and perform broad searches across the local codebase.
Sanitization: No sanitization, validation, or escaping is performed on the content of the specification files before they are processed by the agent.

openspec-verify-change