prd-writer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW | NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user data (PRDs) during modification and review workflows. This is a known attack surface for Indirect Prompt Injection. However, the risk is negligible as the skill lacks high-privilege capabilities such as shell execution, file-system modification, or network access.
  - Ingestion points: User-supplied PRD content provided during the 'Modify' or 'Review' workflows.
  - Boundary markers: Absent; the instructions do not define specific delimiters to separate user data from agent instructions.
  - Capability inventory: None. The skill generates text output only.
  - Sanitization: None specified in the instructions.
- No Code (SAFE): The skill contains only Markdown instructions (SKILL.md) and does not include any scripts, binaries, or automated tasks that could execute on the host system.