n8n-prd-generator

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it is designed to ingest and process untrusted discovery call transcripts and client documentation. While the risk is mitigated by the skill's limited capabilities, it lacks specific defenses.
    • Ingestion points: User-provided transcripts and notes (requested in the "Ask for Input" section).
    • Boundary markers: No specific delimiters or instructions are used to separate user data from the skill's system instructions.
    • Capability inventory: The skill can only generate text output and trigger UI-based questions; it has no access to shell commands, network requests, or file system writing.
    • Sanitization: The instructions do not specify any validation or sanitization of the input text before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 03:28 PM