prd-approve
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown instructions (SKILL.md and README.md) and does not include any executable scripts, binaries, or configuration files that could run on the host system.
- [SAFE]: The skill's operations are strictly limited to the local project directory, specifically the outputs/prds/ folder and the PRD-PIPELINE.md file at the root. It does not attempt to access sensitive system directories (e.g., .ssh, .aws) or environment variables.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes content from externally generated files. However, given its limited capabilities, the risk is minimal.
- Ingestion points: The skill reads outputs/prds/[prd-name].md and outputs/prds/[prd-name]-review-synthesis.md to verify status and pull summary information.
- Boundary markers: Absent; the skill directly extracts and displays lines like "Overall Assessment" from the synthesis file.
- Capability inventory: The skill is restricted to reading and writing local markdown files within the project workspace.
- Sanitization: No explicit sanitization or escaping of the ingested file content is performed before it is presented to the user.
Audit Metadata