prd-planner

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes Bash, Grep, and Glob tools to perform recursive filesystem searches on the local codebase (e.g., grep -r ... src/) to identify patterns for edge case analysis.
  • [EXTERNAL_DOWNLOADS]: The skill uses a WebSearch tool to retrieve research and best practice information from external internet sources during the PRD creation process.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
    • Ingestion points: Untrusted data is brought into the context through WebSearch results and recursive codebase scans.
    • Boundary markers: The provided file templates do not implement delimiters or specific instructions to isolate ingested content from agent commands.
    • Capability inventory: The skill has permission to use Write, Edit, Bash, and WebSearch tools, allowing for filesystem modification and network interaction.
    • Sanitization: There is no evidence of validation or sanitization for the data retrieved from external web sources or local codebase files before it is processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 02:59 PM