Skills
skills/nsantini/gsdl/gsdl-create-prd/Gen Agent Trust Hub

gsdl-create-prd

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to how it handles external file content.
  • Ingestion points: The skill reads the .planning/[project-name]/seed.md file as the primary source of truth for generating requirements (Step 1 in SKILL.md).
  • Boundary markers: The instructions lack delimiters or specific directives for the agent to ignore natural language instructions or overrides contained within the seed file content.
  • Capability inventory: The skill has the capability to read files from the local disk and write new Markdown files back to the .planning/ directory structure.
  • Sanitization: There is no evidence of input validation, escaping, or filtering of the content retrieved from the seed file before it is used to generate the final document.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 10:16 PM