skills/evans-sam/skills/prd-to-issues/Gen Agent Trust Hub

prd-to-issues

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches content and design context from well-known services like GitHub, Notion, Figma, and Linear to populate the requirement context.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to create issue tickets based on the finalized implementation slices.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (PRDs), which presents a surface for indirect prompt injection.
      • Ingestion points: External documents and data fetched from third-party URLs and platforms in Steps 1 and 2.
      • Boundary markers: None identified in the prompt to separate external content from system instructions.
      • Capability inventory: Creation of GitHub issues and potential writes to Notion, Linear, or local files in Step 6.
      • Sanitization: The skill incorporates a mandatory user review step ('Quiz the user') to verify the breakdown before execution, which serves as an effective control.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 11:55 PM