openspec-ff-change

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes the openspec CLI to manage project state. It executes openspec new, openspec status, and openspec instructions. Commands are parameterized with quotes, and user-provided input is transformed into kebab-case, which mitigates shell injection risks.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes structured data from the CLI that influences its output.
    • Ingestion points: Reads JSON fields (context, rules, template, instruction) from the openspec instructions command.
    • Boundary markers: Explicit instructions are provided to the agent to treat context and rules as internal constraints rather than content to be printed.
    • Capability inventory: The skill can execute local openspec commands and perform file write operations within the openspec/changes/ directory.
    • Sanitization: The skill relies on structured JSON parsing and agent-level adherence to output rules to prevent malicious instructions in the artifact definitions from escalating.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 05:40 AM