product-requirements
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it automatically reads project-level configuration and documentation files to establish context for the Product Requirements Document (PRD).
  - Ingestion points: The skill proactively reads the project's README, package.json, and pyproject.toml files during Step 1 (Initial Understanding & Context Gathering).
  - Boundary markers: The instructions do not specify any delimiters or safety markers to wrap the content read from these files, nor do they instruct the agent to ignore potentially malicious commands embedded in the ingested data.
  - Capability inventory: The skill can write documentation files directly to the docs/ directory on the local filesystem.
  - Sanitization: There are no defined mechanisms for sanitizing, validating, or escaping the content retrieved from external project files before the agent processes it.