product-manager
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: All components of the skill, including the instructions, templates, and scripts, are strictly focused on legitimate product management activities. The included Python script (prioritize.py) and Bash script (validate-prd.sh) are limited to local calculations and document validation, with no evidence of malicious intent, network activity, or unauthorized file access.
- [PROMPT_INJECTION]: The skill processes user-provided product briefs and stakeholder feedback, which represents a standard surface for indirect prompt injection. 1. Ingestion points: External product briefs and requirements documentation are read from the file system or collected via user prompts. 2. Boundary markers: No specific delimiters or safety instructions are used to isolate untrusted input within the subagent orchestration prompts. 3. Capability inventory: The agent has access to Bash for local script execution and file modification tools (Write, Edit). 4. Sanitization: Requirements text is used directly to populate templates. This surface is inherent to the skill's function and no exploitable pattern was detected.
Audit Metadata