prd
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- Prompt Injection (SAFE): No bypass or override patterns detected. The skill uses standard instructional language to define its PRD generation workflow.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive file paths or credentials. File-writing is limited to a local task directory (/tasks/) as part of the intended document generation process.
- Indirect Prompt Injection (LOW):
  1. Ingestion points: The skill ingests untrusted feature descriptions from users (SKILL.md context).
  2. Boundary markers: Absent; the skill does not wrap interpolated user input in delimiters.
  3. Capability inventory: File-write access to the local /tasks/ directory.
  4. Sanitization: No explicit sanitization of user input is mentioned, though kebab-case filename instructions provide minimal protection against path manipulation.
- Remote Code Execution (SAFE): No remote scripts or packages are downloaded. References to development tools like 'npm' or 'dev-browser' are purely for inclusion in the generated document's acceptance criteria and are not executed by the skill itself.