openspec-install
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the '@fission-ai/openspec' package from the public npm registry to make it available globally.\n- [EXTERNAL_DOWNLOADS]: Accesses and installs software from the 'Fission-AI/OpenSpec' GitHub repository using the Nix package manager.\n- [COMMAND_EXECUTION]: Executes package manager commands to perform global installations (e.g., 'npm install -g'), which modifies the user's system environment and global binary path.\n- [REMOTE_CODE_EXECUTION]: Utilizes 'nix run' to download and execute code directly from a remote GitHub repository ('github:Fission-AI/OpenSpec') for project initialization.
Audit Metadata