openspec-install
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute global installation commands using npm, pnpm, yarn, bun, and nix. These commands are standard for installing CLI tools and match the skill's stated purpose.
- [EXTERNAL_DOWNLOADS]: The skill fetches the @fission-ai/openspec package from the public npm registry and refers to the Fission-AI/OpenSpec repository on GitHub for Nix-based installations. These are legitimate sources for the specified software.
- [REMOTE_CODE_EXECUTION]: The skill uses the 'nix run' command, which downloads and executes code directly from the Fission-AI/OpenSpec GitHub repository. This is a standard and documented method for using the OpenSpec tool in Nix environments.
Audit Metadata