openspec-bulk-archive-change
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the 'openspec' CLI tool and standard filesystem commands (mkdir, mv) to organize and move project change directories into an archive folder. These operations are scoped to the 'openspec/' directory.
- [PROMPT_INJECTION]: The skill processes user-controllable data from local markdown files, creating a surface for indirect prompt injection.
- Ingestion points: The agent reads 'tasks.md' to count completed tasks and scans files in 'openspec/changes//specs/' to extract requirement strings.
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the files being read.
- Capability inventory: The skill possesses the ability to run 'openspec' commands, perform filesystem moves, and search the codebase for implementation evidence.
- Sanitization: No explicit sanitization or verification of the content within the markdown files is performed before the agent interprets the data.
Audit Metadata