write-a-prd
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill defines a purely instructional workflow for creating documentation. It does not include scripts, hardcoded credentials, or instructions for privileged operations.
- [NO_CODE]: This skill consists entirely of markdown instructions and does not bundle or execute any code files.
- [PROMPT_INJECTION]: The skill design includes an indirect prompt injection surface because it involves reading and processing untrusted data from a repository and user input. This is a necessary part of its intended functionality.
- Ingestion points: User-provided problem descriptions (Step 1) and repository content exploration (Step 2) in SKILL.md.
- Boundary markers: The instructions lack explicit delimiters or guidance for the agent to ignore instructions that might be embedded in the codebase or user feedback.
- Capability inventory: The skill implies the use of file-reading tools for exploration and GitHub integration for issue submission.
- Sanitization: There is no requirement for the agent to sanitize or escape the content gathered from the repo or user before including it in the PRD.
Audit Metadata