skills/evans-sam/skills/prd-to-plan/Gen Agent Trust Hub

prd-to-plan

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from various external and untrusted sources.
  • Ingestion points: The skill reads content from local files, GitHub wikis, Notion pages, Confluence docs, Linear tickets, and Figma designs as described in the 'Locate the PRD' and 'Gather external context' sections of SKILL.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate instructions that may be embedded within the ingested PRDs or external documentation.
  • Capability inventory: The agent has the capability to read the local codebase and write implementation plans as Markdown files to the local file system.
  • Sanitization: The skill does not implement any visible sanitization or validation of the content fetched from external APIs or local files before processing it.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 23, 2026, 06:03 PM