authoring-prd

Warn

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: MEDIUM · PROMPT_INJECTION · NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill metadata and body content include deceptive claims about the skill's safety and review status. Evidence: The YAML frontmatter contains 'status: reviewed' and 'reviewed: 2026-06-04', using future dates to simulate a verified state. These claims are misleading and may be intended to influence the safety assessment of the agent or reviewer.
  • [PROMPT_INJECTION]: The skill is designed to process external, untrusted product ideas and documents, making it susceptible to indirect prompt injection.
      • Ingestion points: Workflow Step 2 in 'SKILL.md' and the 'Inputs' section instruct the agent to read project ideas and all provided upstream context documents.
      • Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from executing commands that might be embedded in the provided project context.
      • Capability inventory: The skill assumes access to a PRD template tool and a deep-research capability to process and elaborate on the input.
      • Sanitization: No sanitization or validation logic is defined for the ingested data.
  • [NO_CODE]: The skill is composed entirely of instructional markdown files and does not contain any executable code, scripts, or binary dependencies.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 14, 2026, 07:32 PM