Skills
skills/pixel-process-ug/superkit-agents/prd-generation/Gen Agent Trust Hub

prd-generation

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: Vulnerability surface analysis for indirect prompt injection:
  • Ingestion points: User-provided product ideas and feature requirements during Phase 1 (SKILL.md).
  • Boundary markers: Absent; user input is interpolated into the PRD template without protective delimiters or instructions to ignore embedded commands.
  • Capability inventory: File system write operations to the 'docs/prds/' directory and version control commits (SKILL.md).
  • Sanitization: Absent; the skill does not specify any filtering or validation of user-provided content.
  • [COMMAND_EXECUTION]: The skill uses shell commands for repository management.
  • Evidence: Phase 4 instructs the agent to commit the generated documentation using git.
  • [NO_CODE]: The skill consists of a markdown instruction file and does not include any accompanying script files or executables.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 12:42 AM