openspec-bulk-archive-change
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the openspec CLI tool to list changes (openspec list) and check status (openspec status).
- [COMMAND_EXECUTION]: Performs file system operations using mkdir -p and mv to move change directories into an archive folder. These operations are preceded by a user confirmation step.
- [PROMPT_INJECTION]: Analyzes codebase implementation details to resolve spec conflicts agentically. While this involves processing untrusted local file content, the risk is mitigated by explicit user selection of changes and a final confirmation prompt before execution.
Audit Metadata