prd-to-ai-agile-workflow
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown instructions and metadata. It does not contain any executable scripts, binaries, or automated tool calls.
- [SAFE]: The skill's instructions are focused on organizational workflow and include explicit 'Privacy Rules' that forbid pushing or submitting anything externally without user approval and require masking private project data.
- [SAFE]: Although the skill processes external data such as PRDs and branch diffs—which is an inherent surface for indirect prompt injection—it does not request or utilize any high-privilege tools like network access or arbitrary code execution, significantly limiting the potential impact of such an attack. The workflow also emphasizes human review and verification checkpoints.
Audit Metadata