prd-creator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted user input to generate a PRD document written to docs/prd.md without sanitization.
  - Ingestion points: User-provided descriptions of product goals, features, and technical requirements in SKILL.md.
  - Boundary markers: Absent. The agent is not instructed to use delimiters or ignore instructions within user data.
  - Capability inventory: Local file system write access to docs/prd.md.
  - Sanitization: None. User input is interpolated directly into the markdown template.
  - Impact: Malicious input could inject deceptive content or instructions into the generated project documentation, targeting downstream human reviewers or automated tools.
Audit Metadata