cy-create-prd
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes content from user-provided
_idea.mdfiles, existing_prd.mdfiles, and codebase search results (SKILL.md, Step 1 and 2). - Ingestion points: External data enters the context through direct file reads and codebase pattern matching during the discovery phase.
- Boundary markers: The skill does not define explicit delimiters or 'ignore' instructions for the agent when processing ingested data to separate it from core instructions.
- Capability inventory: The skill is capable of directory creation, file writing to the
.compozy/tasks/path, and performing web research via agent search tools (SKILL.md, Step 2, 4, 5, and 7). - Sanitization: Content from context files is synthesized directly into the final PRD draft without automated sanitization or validation logic, relying on manual user oversight.
Audit Metadata