prd-draft
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network operations were detected in the skill instructions or installation steps.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from the workspace.
- Ingestion points: The skill reads from multiple local files including
context-library/strategy/,context-library/prds/,context-library/research/, andcontext-library/business-info-template.md. - Boundary markers: No explicit delimiters or instructions are used to separate ingested context from system instructions in the prompt construction logic.
- Capability inventory: The skill is restricted to file writing (to the
outputs/prds/directory) and does not have access to sensitive system commands, privilege escalation tools, or network exfiltration capabilities. - Sanitization: There is no evidence of input validation or sanitization for the content ingested from the workspace files.
Audit Metadata