openspec-continue-change

[Skill Scanner] System prompt extraction attempt The code fragment presents a coherent, purpose-aligned workflow for continuing an OpenSpec change. It correctly sequences data gathering (list/status), decision logic (isComplete, ready artifacts), artifact creation (using provided template and constraints), and progress reporting. There are no credential reads, no network exfiltration, and no suspicious input handling beyond standard user prompts. Overall, it is benign and appropriate for its stated purpose, with a moderate security risk profile due to reliance on a CLI tool and file writes, but nothing inherently dangerous. LLM verification: No direct malware found in the skill text. The operations (invoking a local CLI, reading listed dependency files, writing one artifact) are consistent with intended purpose. However, there is a meaningful supply-chain/prompt-injection risk: an attacker who controls the openspec CLI output or dependency file contents could cause the agent to read and disclose sensitive local files or follow hidden instructions. Recommend treating this skill as potentially high-risk without safeguards: validate CL