Skills
skills/spot-canvas/sn/openspec-sync-specs/Gen Agent Trust Hub

openspec-sync-specs

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the openspec CLI tool with the list --json command to retrieve available changes from the local environment.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) because it reads content from external files and uses that content to determine how to modify other project files.
  • Ingestion points: The agent reads delta specification files located at openspec/changes/<name>/specs/*/spec.md as described in Step 2 and Step 3a.
  • Boundary markers: None. The skill does not instruct the agent to use delimiters or ignore instructions embedded within the delta specs.
  • Capability inventory: The agent is authorized to create and modify specification files at openspec/specs/<capability>/spec.md using the logic defined in Step 3c and 3d.
  • Sanitization: There is no evidence of sanitization or validation of the input content before it is used to perform 'intelligent merging' into the main specification files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 03:23 PM