to-prd
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a CLI tool named `bd` (Beads) to manage tasks and issues. The instructions provide specific syntax for commands such as `bd create`, `bd update`, and `bd close`. These operations are consistent with the skill's stated purpose of publishing PRDs and managing engineering tasks.
- [DATA_EXFILTRATION]: The skill is designed to read and process repository content (codebase understanding and domain glossary) to generate documentation. While this data is sent to the Beads issue tracker via the `bd` CLI, this behavior is the primary intended functionality and does not indicate malicious exfiltration.
- [PROMPT_INJECTION]: There is a potential for indirect prompt injection as the skill reads untrusted repository data to synthesize PRDs. The skill lacks explicit boundary markers or sanitization instructions for this ingested data, but this is a common surface for engineering skills and no malicious intent was detected.
Audit Metadata