prd-lite
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
- Ingestion points: The skill accepts untrusted user input via "rough MVP or demo description" defined in the Input section of
SKILL.md. - Boundary markers: Absent. The instructions do not use delimiters (e.g., triple quotes) or provide guidance to the model to ignore instructions embedded within the user data.
- Capability inventory: The skill includes a post-generation tool call to
prd-clarifier, which extends the potential impact of an injection by passing context to a downstream process. - Sanitization: No sanitization or validation of the user-provided text is performed before it is integrated into the prompt context.
Audit Metadata