write-prd

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill consists exclusively of natural language instructions intended to guide the agent's behavior during a product discovery interview. No scripts, binaries, or command executions were found.
  • [PROMPT_INJECTION]: The skill instructs the agent to 'explore the codebase or existing project files' to answer questions during the discovery phase. This introduces a surface for indirect prompt injection where instructions hidden in the project files could influence the agent's output. Evidence Chain:
      1. Ingestion points: Local codebase and existing project files (SKILL.md Phase 1).
      2. Boundary markers: Absent; the prompt does not provide delimiters or instructions to ignore content from the files.
      3. Capability inventory: Read access to the local filesystem (implied by 'explore').
      4. Sanitization: Absent; no filtering or validation logic is specified for the ingested content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 01:56 PM