product-skills
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a significant surface for Indirect Prompt Injection. Several components are designed to ingest and process untrusted external data, which could contain malicious instructions designed to override agent behavior:
code-to-prd/SKILL.md: Instructs the agent to analyze arbitrary codebases, which may contain malicious instructions in code comments or file metadata.research-summarizer/SKILL.md: Designed to summarize academic papers and web articles which could harbor hidden prompts.product-manager-toolkit/scripts/customer_interview_analyzer.py: Processes interview transcripts that may contain adversarial input.- [COMMAND_EXECUTION]: The skill uses local system commands to perform its core functions:
roadmap-communicator/scripts/changelog_generator.py: Executesgit logviasubprocess.runto extract commit history. While necessary for the tool's purpose, it represents a command execution capability triggered by user-supplied references.code-to-prd/scripts/codebase_analyzer.py: Performs extensive filesystem traversal to identify project structures and extract business logic.saas-scaffolder/scripts/project_bootstrapper.pyandlanding-page-generator/scripts/landing_page_scaffolder.py: These scripts programmatically create directories and write multiple files to the local disk based on configuration inputs.- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for external resource acquisition:
SKILL.mdandresearch-summarizer/SKILL.mdsuggest usinggit cloneto fetch the toolkit from the author's GitHub repository andnpxto install via a command-line interface.
Audit Metadata