openspec
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill leverages the
x openspeccommand-line interface to execute project-specific tasks such asinit,change, andvalidate. These commands are used to maintain project structure and align with the skill's stated purpose of coordinating coding collaboration. - [DATA_EXPOSURE]: The framework operates on local markdown files (
.md) to track specifications and proposed changes. It does not attempt to access sensitive system files (e.g., .ssh, .aws) or credentials. - [SAFE]: Analysis across all 10 threat categories confirms the absence of prompt injection, obfuscation, persistence mechanisms, or unauthorized remote code execution. The workflow relies on user-initiated commands and standard project management practices.
Audit Metadata