project-management
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for managing project documentation that serves as an LLM memory source, creating a surface for indirect prompt injection. \n
- Ingestion points: Data is ingested from files in the
prd/directory, specificallyprd/changelog.md, which is explicitly intended as a memory document for the agent.\n - Boundary markers: The skill does not include instructions to the agent to ignore or isolate embedded instructions within the project documents.\n
- Capability inventory: The agent has the capability to read and write markdown files within the local project directory hierarchy.\n
- Sanitization: There is no specification for sanitizing or validating the content of user-provided project documents before they are processed by the agent.
Audit Metadata