openspec-apply-change

The skill’s footprint is coherent with its stated purpose: it orchestrates change application via the openspec CLI, reads contextual artifacts, progresses tasks, and communicates status. There are no evident credential or data exfiltration requirements, and there is no unsolicited network activity described. The primary risk hinges on trust in the external openspec CLI and any files it may read/write; provided openspec is trustworthy and the agent operates within a scoped, well-defined task context, the risk is low to moderate. Overall, the skill appears benign and appropriately scoped for its purpose, with standard safeguards documented (pause on ambiguity, read context first, minimal, task-focused changes).