doc-prd-audit
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Tags: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided Product Requirement Documents (PRDs) as primary input, creating a surface for indirect prompt injection.
- Ingestion points: The skill reads PRD files from the `docs/02_PRD/` directory to perform auditing tasks.
- Boundary markers: The skill definition lacks explicit boundary markers or system instructions to ignore potential commands embedded within the untrusted PRD content.
- Capability inventory: The skill executes several sub-skills (`doc-prd-validator`, `doc-prd-reviewer`, `doc-prd-fixer`) and performs filesystem write operations to generate reports.
- Sanitization: No sanitization of the document content is specified before the findings are extracted and passed to downstream tools like the fixer.
- [COMMAND_EXECUTION]: The skill orchestrates the execution of other internal audit tools.
- Details: It sequentially runs `doc-prd-validator` and `doc-prd-reviewer`, then optionally hands off execution to `doc-prd-fixer`. These commands are executed based on the defined audit workflow using localized skill references.
Audit Metadata