openspec-apply-change

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local openspec CLI commands to list changes, retrieve status, and obtain implementation instructions. These are legitimate operations for the tool's stated purpose.
  • [PROMPT_INJECTION]: The skill processes project files which could contain indirect prompt injections that influence the agent's code changes.
      • Ingestion points: Task lists and context files (specs, designs) read during the implementation loop.
      • Boundary markers: None; the agent processes the file content directly without delimiters or safety instructions.
      • Capability inventory: The skill can modify any file in the repository and execute predefined CLI tools.
      • Sanitization: The skill does not validate or sanitize the content of the files before following the instructions contained within them.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 11:15 AM