agents-generator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation, providing instructions and templates for an AI agent to follow. It does not include any scripts, binaries, or automated tasks.
- [PROMPT_INJECTION]: The skill defines an indirect prompt injection surface by instructing the agent to ingest content from external project files such as PRDs, research notes, and source code.
- Ingestion points: Files located at
pm-workspace-docs/initiatives/active/[name]/prd.md,pm-workspace-docs/company-context/personas.md, and component story files (.stories.tsx). - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded prompts within the source data.
- Capability inventory: The skill has no capability to execute shell commands, perform network operations, or access sensitive system credentials. Its only function is text generation.
- Sanitization: There is no explicit sanitization logic for the data extracted from source files.
Audit Metadata