openspec-verify-change
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several 'openspec' CLI commands ('list', 'status', 'instructions apply') to manage change artifacts. These commands are necessary for the skill's primary functionality and are executed using parameters derived from the local environment.
- [SAFE]: The skill does not perform unauthorized network connections, attempt to access sensitive system files (like credentials or SSH keys), or use obfuscation techniques.
- [PROMPT_INJECTION]: The skill ingests data from local project files (e.g., 'tasks.md', 'design.md', and source code) to perform its analysis, which presents a surface for indirect prompt injection. \n
- Ingestion points: Reads contents of 'tasks.md', 'design.md', and files specified in 'contextFiles'. \n
- Boundary markers: None identified. \n
- Capability inventory: Execution of 'openspec' CLI commands and local file system reads. \n
- Sanitization: Content is parsed for completion status and keywords without specific sanitization.
Audit Metadata