write-a-prd
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [SAFE]: No malicious behavior or patterns were detected. The skill follows a legitimate development workflow, including codebase exploration and user interaction to define feature requirements.
- [DATA_EXFILTRATION]: The skill instructs the agent to submit the final PRD as a GitHub issue. Because GitHub is a well-known service and the submission is the intended final step of the skill's stated purpose, this network operation is considered safe and legitimate.
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection as it processes untrusted data from the repository.
  - Ingestion points: Repository files during codebase exploration and user responses during interviews.
  - Boundary markers: None are explicitly defined in the instructions to delimit repository content.
  - Capability inventory: The skill has the capability to write to GitHub issues.
  - Sanitization: No sanitization or filtering of codebase content is mentioned.
  - Note: This vulnerability surface is inherent to the skill's primary function of analyzing code to write requirements and is not considered a finding that escalates the verdict in this context.
Audit Metadata