doc-prd-fixer
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation includes logic for executing local system commands such as
sha256sumto verify file integrity andshutilorosmodules for file system management (moving files and creating directories). These operations are consistent with the skill's stated purpose of document management. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) because it ingests untrusted data from external sources.
- Ingestion points: Reads content from PRD documents, Audit Reports, and BRD files (SKILL.md).
- Boundary markers: None explicitly defined in the provided logic for differentiating between instructions and data during processing.
- Capability inventory: Includes file system modification (
shutil.move,Path.write_text), directory creation (os.makedirs), and integrity verification via shell (sha256sum). - Sanitization: No specific sanitization or escaping mechanisms are described for the content extracted from upstream documents before it is rewritten or processed.
Audit Metadata