product-spec-builder
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its integration with external files and user-provided data.
- Ingestion points: The skill is designed to find and load local files such as 'Product-Spec.md', 'spec.md', and 'prd.md' to perform updates or iterations.
- Boundary markers: The instructions do not define clear delimiters or specific guidance for the agent to distinguish between its own instructions and data contained within the ingested files.
- Capability inventory: The skill is authorized to perform web searches and modify the local filesystem by writing and updating Markdown files.
- Sanitization: There is no evidence of content sanitization or validation of data retrieved from local files or user input before it is used to influence the agent's behavior.
Audit Metadata