eliteforge-prd-generator

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest local context, such as existing documentation and product notes, which constitutes a surface for indirect prompt injection. Adversarial instructions embedded in those processed files could influence the agent's output or behavior.
  • Ingestion points: The agent reads local existing docs, product notes, adjacent PRDs, specs, and feature folders as specified in the operating rules of SKILL.md.
  • Boundary markers: The instructions do not define explicit boundary markers or directions to ignore instructions found within the ingested context.
  • Capability inventory: The agent can perform file system writes (Typst and PDF files) and execute shell-based tools like rg and the typst compiler.
  • Sanitization: No specific sanitization or filtering logic is mentioned for the content extracted from local files.
  • [COMMAND_EXECUTION]: The skill relies on executing local system utilities to perform its core functions. It utilizes rg (ripgrep) to facilitate searchable requirements and the typst compiler to generate PDF exports from Typst source files.
  • [EXTERNAL_DOWNLOADS]: The provided Typst template (assets/prd-template.typ) imports the mmdr package from the official Typst @preview repository. This is a standard mechanism used by the Typst typesetting system to render Mermaid diagrams and represents a download from a well-known technology service.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 11:44 AM
Security Audit — agent-trust-hub — eliteforge-prd-generator