skills/akillness/oh-my-skills/to-prd/Gen Agent Trust Hub

to-prd

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by processing external codebase data to generate documentation.
  • Ingestion points: Codebase state and conversation context (SKILL.md).
  • Boundary markers: No delimiters or instructions are used to prevent the agent from following instructions embedded within the codebase or context.
  • Capability inventory: The skill is permitted to use Bash, Write, Edit, Grep, and Glob tools (SKILL.md).
  • Sanitization: No validation or sanitization of the processed context is performed.
  • [COMMAND_EXECUTION]: The skill references the execution of a local validator script (.agent-skills/skill-standardization/scripts/validate_skill.sh) and a setup command (setup-matt-pocock-skills) as part of its operational workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 01:54 AM
Security Audit — agent-trust-hub — to-prd