prd
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill facilitates the ingestion of untrusted user data which is subsequently written to a persistent file, potentially influencing downstream automated processes.
  • Ingestion points: Feature descriptions and answers to clarifying questions provided by the user (SKILL.md).
  • Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore embedded instructions within user-provided text.
  • Capability inventory: The skill writes Markdown files to the local tasks/ directory.
  • Sanitization: Absent; the instructions direct the agent to incorporate user answers directly into the generated PRD structure.
- [No Code] (SAFE): The skill consists entirely of natural language instructions and does not include any executable scripts, shell commands, or external package dependencies.
Audit Metadata