prd-generator
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands for Git operations, including branch detection, fetching, pulling with rebase, stashing, and pushing, which are standard for maintaining code and document repositories.
- [COMMAND_EXECUTION]: The skill includes a step to execute a local Python script (
python3 scripts/update_readme_ideas_index.py) to update the project index, which is consistent with its role as a documentation and repository management tool. - [SAFE]: The skill resolves project directory paths by reading local, non-sensitive configuration markers such as
~/.config/ideas-root.txtand~/.openclaw/ideas-root.txt. - [SAFE]: The skill ingests information from user-provided
idea.mdandvalidate.mdfiles to construct the PRD. Ingestion points: Phase 1 and Phase 2 (SKILL.md). Boundary markers: Absent. Capability inventory: git, python3, file-write (SKILL.md). Sanitization: Absent. This data flow is central to the skill's primary function and occurs within the user's local workspace.
Audit Metadata