openspec-continue-change
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the openspec CLI tool to perform state checks and instruction retrieval.\n
- Evidence: Commands used include openspec list, openspec status, and openspec instructions. This is standard functionality for the vendor's tool.\n- [DATA_EXFILTRATION]: The skill performs local file system operations to read and write project artifacts.\n
- Evidence: The skill reads existing artifacts and writes new content to the output path specified by the CLI. No sensitive file access or network-based exfiltration was identified.\n- [PROMPT_INJECTION]: The skill includes instructions to prevent the agent from being confused by metadata or context provided in the tool's output.\n
- Evidence: Guardrails explicitly instruct the agent not to copy context or rules blocks into the final artifact files, maintaining a clear separation between instructions and content.
Audit Metadata