openspec-verify-change
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local openspec CLI commands to fetch change lists, status, and instructions for verification.
- [EXTERNAL_DOWNLOADS]: Depends on the openspec CLI utility being installed on the system, which is a vendor-provided tool.
- [PROMPT_INJECTION]: Risk of indirect prompt injection as the skill parses external Markdown files (tasks, specs, design) to generate verification reports.
- Ingestion points: tasks.md, design.md, and spec files identified by the openspec CLI.
- Boundary markers: None are present to prevent the agent from following instructions embedded within these documents.
- Capability inventory: The skill can execute CLI commands and read local files.
- Sanitization: No sanitization is performed on the content read from external files before processing.
Audit Metadata