prd-generator

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted user data into structured documentation and tool actions.
      • Ingestion points: Product ideas, requirements, and concepts gathered from the user through conversation as described in SKILL.md.
      • Boundary markers: The skill instructions do not specify the use of delimiters (such as triple quotes or XML tags) or explicit instructions for the model to ignore embedded commands within the product concept data.
      • Capability inventory: The skill possesses the capability to write markdown files to the local product-docs/ directory and use the Atlassian MCP server to create Epics, Stories, and Sub-tasks in Jira (references/atlassian_mcp.md).
      • Sanitization: There is no evidence of explicit sanitization or validation of the user input before it is interpolated into templates or used as arguments for the Jira integration tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 03:48 PM