openspec-propose

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill interfaces with the local system by running openspec CLI commands to manage the lifecycle of change proposals and retrieve metadata for artifact generation.
  • [EXTERNAL_DOWNLOADS]: Requires the openspec command-line utility as a prerequisite for operation, representing an external tool dependency.
  • [PROMPT_INJECTION]: The skill reads instructions and context from the output of CLI commands and existing files. This creates an indirect prompt injection surface where data from these sources could influence the agent's behavior, although the skill includes explicit instructions to use this data as constraints rather than direct content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 11:15 AM