prd
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by ingesting and processing data from external artifacts (brainstorming.md, goal-definition.md, context-map.md).
  - Ingestion points: The skill reads multiple markdown files from the artifact folder in Step 1 of its process.
  - Boundary markers: The instructions do not specify any boundary markers or delimiters to isolate untrusted content from the system instructions.
  - Capability inventory: The skill performs file system read/write operations but does not have network access or the ability to execute arbitrary shell commands.
  - Sanitization: No sanitization or validation of the input artifact content is performed before it is used to generate the PRD output.