skills/bmal/skills/to-prd/Gen Agent Trust Hub

to-prd

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, such as encoded instructions, credential harvesting, or unauthorized persistence mechanisms, were found. The skill serves a legitimate administrative purpose.
  • [COMMAND_EXECUTION]: The skill instructs the agent to publish the PRD to a project issue tracker, which typically involves the use of platform-integrated tools (e.g., GitHub CLI) to create issues.
  • [DATA_EXFILTRATION]: Information gathered from the conversation and codebase is sent to an external issue tracker. This data movement is the explicitly stated function of the skill and does not appear to involve unauthorized access to sensitive files like SSH keys or environment secrets.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data from the conversation history and repository files to produce output for a tracking system.
  • Ingestion points: Conversation context and codebase content (SKILL.md).
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are included in the instructions.
  • Capability inventory: Writing to the project issue tracker (SKILL.md).
  • Sanitization: No explicit sanitization or content validation steps are defined before the PRD is published.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 10:59 AM