write-a-prd
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill's instructions or metadata.
- [COMMAND_EXECUTION]: The skill instructs the agent to create a directory and write a markdown file to
issues/prd.md. These are legitimate operations within the context of the skill's stated purpose of PRD generation. - [PROMPT_INJECTION]: The skill involves processing untrusted data from both the user's brief and the repository codebase (Indirect Prompt Injection surface). However, the instructions include a specific constraint forbidding the use of external services or GitHub issue submissions, which acts as a safeguard against exfiltration or unauthorized external actions resulting from malicious content in the ingested data.
Audit Metadata