write-a-prd
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to read the local filesystem to analyze project code and write generated PRD files to the prds/ directory.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from the codebase and user input without specific boundary markers or sanitization.
  - Ingestion points: User-provided problem descriptions (Step 1), user interview responses (Step 3), and existing codebase files including data models, services, and API routes (Step 2).
  - Boundary markers: None provided; the instructions do not use delimiters or warnings to ignore instructions embedded within the codebase or user input.
  - Capability inventory: The skill performs local file read operations for code exploration and local file write operations for saving PRDs.
  - Sanitization: There is no evidence of sanitization or validation of the content retrieved from the codebase or user input before it is used to construct the output.
Audit Metadata