eliteforge-prd-generator
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest local context, such as existing documentation and product notes, which constitutes a surface for indirect prompt injection. Adversarial instructions embedded in those processed files could influence the agent's output or behavior.
- Ingestion points: The agent reads local
existing docs,product notes,adjacent PRDs,specs, andfeature foldersas specified in the operating rules of SKILL.md. - Boundary markers: The instructions do not define explicit boundary markers or directions to ignore instructions found within the ingested context.
- Capability inventory: The agent can perform file system writes (Typst and PDF files) and execute shell-based tools like
rgand thetypstcompiler. - Sanitization: No specific sanitization or filtering logic is mentioned for the content extracted from local files.
- [COMMAND_EXECUTION]: The skill relies on executing local system utilities to perform its core functions. It utilizes
rg(ripgrep) to facilitate searchable requirements and thetypstcompiler to generate PDF exports from Typst source files. - [EXTERNAL_DOWNLOADS]: The provided Typst template (
assets/prd-template.typ) imports themmdrpackage from the official Typst@previewrepository. This is a standard mechanism used by the Typst typesetting system to render Mermaid diagrams and represents a download from a well-known technology service.
Audit Metadata