Skills
skills/memyselfandm/cconami/workshopping-prds/Gen Agent Trust Hub

workshopping-prds

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Potential for Indirect Prompt Injection (Category 8).
  • Ingestion points: Data is ingested from external work items via the --from-item parameter and from conversational user input during the four-phase workshop.
  • Boundary markers: The skill lacks explicit boundary markers or instructions to ignore embedded commands when interpolating gathered data into the final PRD synthesis phase.
  • Capability inventory: The skill has the capability to write files to user-specified paths (--output PATH) and create work items (epics) in external systems via the pm-context tool.
  • Sanitization: No sanitization or validation of the input data is described before it is used in downstream document generation or tool calls.
  • [DATA_EXFILTRATION] (LOW): Arbitrary file path write.
  • The --output PATH option allows specifying a destination for the generated PRD. Without proper sandboxing by the agent, this could theoretically be used to target sensitive directory paths for file creation or overwriting.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 10:51 PM