prd-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions and reference documents do not contain any malicious payloads, hardcoded credentials, or attempts to access sensitive system files. The logic is entirely focused on document quality analysis.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No network operations (curl, wget, fetch) or data exfiltration patterns were identified. The skill operates locally on provided PRD content.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted PRD data.
- Ingestion points: PRD file content and project-related documentation files (File: SKILL.md).
- Boundary markers: Absent; the instructions do not explicitly mandate delimiters or instructions to ignore embedded commands within the analyzed PRDs.
- Capability inventory: The skill is limited to reading files and generating text-based review reports. It does not have access to the network, subprocesses, or system-altering commands.
- Sanitization: Absent; the skill does not perform content filtering or escaping of the ingested PRD data.
- [PROMPT_INJECTION]: No override markers or jailbreak attempts were found in the skill's instructions. The core principles emphasize an 'independent perspective' and 'gatekeeper mindset' which promotes adherence to the defined review dimensions.
Audit Metadata