prd-suite
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data from `requirement_template.md` and external `.xmind` files to generate PRD content. Malicious instructions embedded in these files could attempt to manipulate the agent's behavior during the extraction or generation phase.
- [COMMAND_EXECUTION]: The helper script `scripts/utils.js` provides file system capabilities (`readFile`, `writeFile`, `mkdir`) using the Node.js `fs` module. The lack of path sanitization when deriving filenames from project names (extracted from untrusted templates) creates a potential path traversal surface, though the mandatory human review process defined in `templates/review_process.md` serves as a significant security control.
Audit Metadata