jpralph-convert
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted PRD data (Markdown/text) to generate structured output, which is a surface for indirect prompt injection. 1. Ingestion points: User-provided PRD content processed in SKILL.md. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for input processing. 3. Capability inventory: The skill performs file system operations including reading/writing 'prd.json' and creating directories in an 'archive/' folder. 4. Sanitization: No sanitization of input strings (like feature names used for directory creation) is documented.
- [Safe] (SAFE): The skill does not attempt to access sensitive system credentials, perform network exfiltration, or execute remote code. All operations are scoped to project-specific metadata management.
Audit Metadata