openspec-new-change
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the local system through the 'openspec' CLI tool to initialize change directories, query status, and fetch templates.
- [PROMPT_INJECTION]: The skill processes untrusted user input to define change names. Ingestion points: User descriptions in Step 1. Boundary markers: Shell commands use double quotes for the change name variable. Capability inventory: Executes multiple shell commands via the 'openspec' CLI tool. Sanitization: The skill includes a guardrail that enforces strict 'kebab-case' validation for names, effectively preventing the interpolation of malicious shell characters or commands.
Audit Metadata