prd
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill accepts unvalidated feature descriptions from users as the primary source for PRD generation.
- Boundary markers: The generated output does not use specific delimiters or instructions to prevent downstream agents from executing commands embedded within the PRD text.
- Capability inventory: The skill performs file system write operations to the tasks/ directory via the agent system.
- Sanitization: There is no logic to sanitize or escape user-provided content before it is persisted to the output file.
Audit Metadata