openspec-propose
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands using the
openspecCLI tool, includingopenspec new change,openspec status, andopenspec instructions. These are used to manage the lifecycle of a change proposal within the local file system. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it reads
instruction,context, andrulesfields from the JSON output of theopenspec instructionscommand and applies them as constraints for its own output generation. While this is the intended functionality for the tool, it relies on the integrity of the CLI output and the project configuration files.
Audit Metadata