prd
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a structured template-driven document generator. It follows a logical pipeline for processing project requirements without introducing security risks.
- [DATA_EXPOSURE]: The skill reads from and writes to a user-defined or project-specific 'artifact folder'. It accesses project-related markdown files (e.g., brainstorming.md, context-map.md) but does not access sensitive system directories, credentials, or environment variables.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from upstream artifacts (brainstorming.md, goal-definition.md, context-map.md).
- Ingestion points: SKILL.md Step 1 reads these files to extract project context.
- Boundary markers: Absent; the skill extracts information based on structure but does not wrap input in protective delimiters.
- Capability inventory: Limited to reading and writing local markdown files. No subprocess calls, network access, or dynamic code execution capabilities are present.
- Sanitization: Absent; input is treated as text to be summarized or reformatted. The risk is considered low because the output is a static text document.
Audit Metadata