product-owner
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions focus on project management tasks such as idea capture and backlog prioritization using established frameworks (RICE, MoSCoW).
- [COMMAND_EXECUTION]: The skill utilizes filesystem discovery tools (e.g.,
Glob) to locate project-specific business feature documentation, which is appropriate for its stated purpose of module detection. - [DATA_EXPOSURE]: Access is limited to project documentation paths (e.g.,
docs/,.claude/docs/) and local artifact directories. There is no evidence of attempts to access sensitive system files or credentials. - [PROMPT_INJECTION]: While the skill uses strong directive language (e.g., "IMPORTANT MUST ATTENTION"), these instructions are used to enforce workflow consistency (such as using the
TaskCreatetool) rather than bypassing model safety filters or guidelines.
Audit Metadata