prd
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for static document generation and does not utilize any executable code, shell commands, or external network requests. It follows a rigid markdown template and explicitly instructs the agent to refrain from implementing the features described in the PRD.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external user descriptions to generate files that may be read by other agents or developers.
- Ingestion points: User-provided feature descriptions and responses to lettered options defined in
SKILL.md. - Boundary markers: Absent; user input is directly interpolated into the markdown sections (e.g., Introduction, Goals) without specific delimiters or isolation instructions.
- Capability inventory: The skill is limited to file-write operations within the
tasks/directory. No subprocess spawning, code execution (eval/exec), or network capabilities are present in the skill definition. - Sanitization: No input validation or sanitization is performed on the user's description before it is written to the markdown file.
Audit Metadata