prp-framework
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection where malicious instructions could be embedded in the data processed by the agent.
- Ingestion points: User-provided content within the PRD templates (Functional Requirements, Problem Statement, etc.) in
SKILL.md. - Boundary markers: Absent; the templates do not define clear delimiters or system instructions to ignore embedded commands within user fields.
- Capability inventory: The skill references task management capabilities via the
manage_taskfunction snippet inSKILL.md. - Sanitization: No sanitization, escaping, or validation logic is specified for the user-controlled requirement strings before they are used to generate tasks.
Audit Metadata