write-a-prd
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration attempts were detected. The skill performs expected actions for a development assistant within a development environment.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is instructed to explore the repository to understand the codebase state. \n
- Ingestion points: Local repository files (Step 2: Explore the repo) and user input (Step 1, 3).\n
- Boundary markers: Absent. The instructions do not specify boundaries or ignore-instructions markers for repository content.\n
- Capability inventory: Capability to create and store documents using
document_create(Step 5).\n - Sanitization: No sanitization or validation of the ingested codebase content is specified.
Audit Metadata