create-prd
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks due to the processing of untrusted user input in a multi-step workflow.
  - Ingestion points: User-provided feature descriptions (Step 1) and codebase context gathering (Step 2).
  - Boundary markers: Absent; no specific markers or instructions are provided to delineate untrusted user input from system instructions.
  - Capability inventory: File system read operations for context and write operations for documentation storage.
  - Sanitization: No explicit sanitization or filtering is performed on user inputs prior to their inclusion in the generated PRD.
Audit Metadata