write-a-prd
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected during the analysis of the skill instructions and reference materials.
- [DATA_EXPOSURE]: The skill performs codebase exploration to understand the current state of a project (components, design system, tech stack). This access is localized to the repository context and is used solely for generating the PRD, with no evidence of sensitive data harvesting or external transmission.
- [COMMAND_EXECUTION]: The skill uses file system operations to read the codebase and write the final PRD to a local directory (plans/). These operations are consistent with the skill's stated purpose as a documentation tool.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests data from the codebase (untrusted source) and possesses file-writing capabilities, the risk is negligible as the output is restricted to markdown PRDs in a specific project directory.
Audit Metadata