openspec-explore

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the openspec CLI (specifically openspec list --json) to retrieve information about active change proposals. This is a vendor-provided tool used to gather necessary context for the skill's operations.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from the codebase.
      • Ingestion points: Files within the local codebase and OpenSpec documentation located in openspec/changes/.
      • Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions for ingested content.
      • Capability inventory: The skill can read codebase files and write to OpenSpec design and proposal artifacts.
      • Sanitization: No validation or sanitization of the content read from the files is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 11:15 AM