openspec-initial

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the openspec init command to establish the openspec/ directory structure and configure integrations for various AI coding tools.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and support resources hosted on GitHub (github.com/Fission-AI/OpenSpec) to provide users with additional context and troubleshooting information.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8):
      • Ingestion points: The skill interacts with the local project directory and existing files during the initialization process (SKILL.md).
      • Boundary markers: No specific boundary markers are defined to isolate external project content from agent instructions.
      • Capability inventory: The skill is capable of executing CLI commands and writing configuration files to the local filesystem (SKILL.md).
      • Sanitization: No explicit sanitization or validation of the project's directory content is specified in the initialization workflow.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 6, 2026, 10:50 AM