openspec-onboard

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates locally on the codebase using vendor-provided CLI tools and standard version control commands.
  • [COMMAND_EXECUTION]: The skill uses the openspec CLI and git for repository status checks and workflow management. These operations are limited to the project directory and align with the skill's purpose.
  • [DATA_EXPOSURE]: Accesses local source files and git logs to provide relevant task suggestions. This data remains within the agent's context and is used for documentation purposes.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes codebase content.
      1. Ingestion points: Scans source files and git history in Phase 2 and 3.
      2. Boundary markers: None present.
      3. Capability inventory: Executes openspec CLI commands and writes to markdown files.
      4. Sanitization: No explicit sanitization, though the workflow includes user confirmation steps before saving or implementing changes.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 26, 2026, 03:23 PM