prd-studio

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface through its handling of external data.
      • Ingestion points: User requirements and BRD files are directly interpolated into subagent prompts during the initialization and Writer phases.
      • Boundary markers: Absent; the prompts for the subagents lack delimiters or specific instructions to ignore instructions embedded within the processed source files.
      • Capability inventory: The agent has file system access (read/write) and can execute shell commands via bash.
      • Sanitization: No sanitization or validation of input data is performed before it is used to drive agent behavior.
  • [COMMAND_EXECUTION]: The skill uses shell commands for workspace setup.
      • Evidence: The initialization phase executes mkdir -p workflow/ to establish a directory for state and document storage.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 7, 2026, 09:42 PM