utility-pm-skill-builder
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts (lint-skills-frontmatter.sh, validate-agents-md.sh, validate-commands.sh) to ensure generated skills meet repository standards. These operations are restricted to the local environment and the skill's own directory structure.
- [PROMPT_INJECTION]: The skill has an ingestion surface for indirect prompt injection as it generates code and documentation based on user-supplied ideas. Evidence: 1. Ingestion points: User-provided PM skill ideas and justifications in Step 1 and Step 2 of SKILL.md. 2. Boundary markers: None explicitly defined to separate user input from generated instructions. 3. Capability inventory: The skill can write files to the local filesystem (_staging/ and skills/ directories) and execute local validation bash scripts. 4. Sanitization: No explicit sanitization or filtering of user input is performed before drafting implementation packets.
Audit Metadata