prd-stress-test
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. 1. Ingestion points: Data is ingested from external files specified by the user and from product context files in the .claude directory. 2. Boundary markers: PRD content is interpolated into prompts using simple headers but lacks instructions to disregard embedded commands. 3. Capability inventory: Agents have access to tools including Read, Glob, Grep, and Task, allowing for file system access and command execution. 4. Sanitization: No sanitization or validation is applied to the ingested text before it is sent to the LLM-based sub-agents.
Audit Metadata