openspec-apply
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a legitimate procedural workflow for software development. It instructs the agent to read planning artifacts and implement code changes based on them.
- [DATA_EXFILTRATION]: No sensitive data access or network exfiltration patterns were detected. The skill only interacts with project-specific documentation and source code.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted data from project files to influence agent actions. However, this risk is inherent to the primary function of a coding assistant.
- Ingestion points: tasks.md, design.md, and specs/ (identified in SKILL.md).
- Boundary markers: Not specified in the instructions.
- Capability inventory: Reading and writing files, modifying code, and executing tests (identified in SKILL.md).
- Sanitization: Not specified in the instructions.
Audit Metadata