product-owner
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard project management workflows such as RICE and MoSCoW prioritization. It provides structured templates for product backlog items and idea artifacts without performing any high-risk operations.
- [COMMAND_EXECUTION]: The skill instructs the agent to use the
Globtool for discovering project-specific business feature documentation (e.g.,docs/business-features/*/README.md). This search is limited to the local documentation directory and is used for module detection. - [DATA_EXFILTRATION]: Analysis confirmed no network calls, external URLs, or access to sensitive system files (such as SSH keys or environment secrets). The skill's file access is restricted to the workspace's documentation and team-artifact directories.
- [INDIRECT_PROMPT_INJECTION]: The skill's primary function involves reading and processing external project documentation and backlog items which may contain untrusted data.
- Ingestion points: Reads files from
docs/business-features/,docs/project-reference/, andteam-artifacts/pbis/(identified inSKILL.md). - Boundary markers: Not present; instructions do not specify delimiters to separate external file content from system instructions.
- Capability inventory: Uses
Globfor filesystem discovery, file-read operations,TaskCreatefor workflow management, andAskUserQuestionfor user interaction (identified inSKILL.md). - Sanitization: There are no explicit instructions to sanitize or validate the content of the ingested project files.
Audit Metadata