openspec-ff
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists exclusively of instructional Markdown content. It does not include any Python or Node.js scripts, executables, or automated command execution logic.
- [PROMPT_INJECTION]: The skill defines a workflow for generating documents based on previous artifacts (e.g., generating specifications from a proposal). This creates a surface for indirect prompt injection, as the agent reads existing local files to generate new ones.
- Ingestion points: Reads
proposal.md,specs/**/*.md, anddesign.mdfrom theopenspec/changes/directory. - Boundary markers: None specified in the instructions.
- Capability inventory: The skill is designed for reading and writing markdown files in a specific local project directory.
- Sanitization: None specified.
- [EXTERNAL_DOWNLOADS]: The skill includes a reference link to documentation on GitHub (
github.com/Fission-AI/OpenSpec). This is a standard documentation reference and does not involve the download or execution of remote code.
Audit Metadata