create-prd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
- Ingestion points: User feature requests and interactive answers are ingested to generate the content of the PRD document and the filename.
- Boundary markers: Absent. There are no explicit instructions for the agent to treat user input as untrusted data or to use delimiters when interpolating input into the generated markdown file.
- Capability inventory: File system write access is required to create the `prds/` directory and save markdown files.
- Sanitization: Absent. There is no mention of sanitizing the `[feature-name]` variable or the user-provided descriptions, which could lead to path traversal if the agent logic for file saving is not robust.