openspec-config

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes a project configuration file (openspec/config.yaml) that contains fields like context and rules. This data is injected into instructions for all subsequent AI artifacts. This design creates an indirect prompt injection surface where malicious data in the config file could influence agent behavior.
    • Ingestion points: openspec/config.yaml file.
    • Boundary markers: The skill uses <project-context> and <project-rules> tags to encapsulate the injected data.
    • Capability inventory: The skill uses openspec config subcommands to modify project state.
    • Sanitization: No sanitization or validation of the YAML context or rules content is mentioned.
  • [COMMAND_EXECUTION]: The skill uses various subcommands of the openspec CLI (list, get, set, unset, reset, edit, path) to manage global and project-level settings, which involves executing system commands.
  • [EXTERNAL_DOWNLOADS]: The skill references external documentation and resources located in the Fission-AI/OpenSpec repository on GitHub.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 12:35 PM