oma-pm
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for architectural planning and task decomposition. No malicious code, obfuscation, or unauthorized network operations were detected.
- [DATA_EXPOSURE]: The skill uses tools like
get_symbols_overviewandsearch_for_patternto analyze local codebases for framework indicators. This is a standard and intended capability for a PM agent to understand existing architecture during the planning phase. - [COMMAND_EXECUTION]: While the skill mentions execution protocols and CLI modes, these appear to be part of the platform's infrastructure (
oma agent:spawn) rather than arbitrary command execution initiated by the skill itself. - [PROMPT_INJECTION]: No patterns associated with prompt injection, jailbreaks, or instruction overrides were found. The skill maintains a consistent role as a product manager.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user input to generate plans. While this is an ingestion point for untrusted data, the skill's capabilities are limited to generating JSON plans and markdown task boards, posing minimal risk. The core rules explicitly emphasize that security and testing should be part of every generated task.
Audit Metadata