do-create-techspec
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs a deep analysis of the project codebase in Step 3 and subsequently uses Web Search in Step 4. There is an inherent risk that project-specific details, architectural decisions, or code snippets discovered during analysis may be included in search engine queries, leading to data exposure.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from user-provided PRD files and the local codebase.
  - Ingestion points: Files located at `prds/prd-[feature-slug]/prd.md` and any file discovered during project exploration in Step 3.
  - Boundary markers: None identified. The instructions do not specify delimiters or warnings for the agent to ignore embedded instructions in the ingested files.
  - Capability inventory: The skill uses tools for directory listing, file reading, file writing to `./prds/prd-[feature-slug]/techspec.md`, Web Search, and MCP tool invocation (Context7).
  - Sanitization: No sanitization or validation logic is defined for the content extracted from the PRD or codebase before it is used to generate the final specification.
Audit Metadata