openspec-config

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by design. It allows users to define 'context' and 'rules' in openspec/config.yaml, and that content is automatically injected into the artifact instructions given to the AI agent.
  • Ingestion points: The openspec/config.yaml file, specifically its context and rules fields, is processed and included in the agent's prompt context.
  • Boundary markers: The skill documentation specifies that injected content is wrapped in <project-context> and <project-rules> tags, which helps the model distinguish between instructions and injected data.
  • Capability inventory: The skill executes shell commands via the openspec CLI (e.g., openspec config set) to manage configuration states.
  • Sanitization: No explicit sanitization or filtering of the configuration file's content is mentioned beyond wrapping it in XML-style boundary tags.
  • [COMMAND_EXECUTION]: The skill uses the openspec CLI tool to perform various configuration tasks such as listing, getting, setting, and resetting global user settings.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 02:16 PM