openspec-explore
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Executes the `openspec list --json` command to retrieve the status of active project changes. This is a local command associated with the skill author's own toolset and is used for gathering context.
- [PROMPT_INJECTION]: Includes instructions that define a specific operational mode, specifically the requirement to 'NEVER write code' while in explore mode. These are internal behavioral constraints designed to keep the agent in a consultative role.
- [SAFE]: The skill identifies an attack surface for indirect prompt injection by reading project artifacts such as `proposal.md` and `design.md`. However, the risk is mitigated because the skill is restricted from writing files, implementing code, or performing network operations, which prevents the realization of common injection payloads.
Audit Metadata