faion-product-manager
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill identifies and ingests data from local project files such as constitution.md, roadmap.md, and backlog items. While this creates a potential surface for indirect prompt injection where untrusted content in those files could influence agent behavior, the skill's capabilities are limited to standard file operations and task dispatching. The documentation does not specify explicit boundary markers or sanitization for these inputs.
  - Ingestion points: Files matching **/.aidocs/*, constitution.md, roadmap.md, and user-personas.md.
  - Boundary markers: Absent in methodology documentation.
  - Capability inventory: Read, Write, Edit, Glob, Bash(ls, mkdir), and Task (sub-agent dispatching).
  - Sanitization: Not explicitly defined in the provided markdown files.
Audit Metadata