Skills
skills/kehwar/skills/write-a-prd/Gen Agent Trust Hub

write-a-prd

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill operates as intended for a documentation tool, using standard repository exploration and local file creation patterns without malicious intent.
  • [PROMPT_INJECTION]: The skill is subject to a potential indirect prompt injection surface because it processes untrusted data from the local codebase.
  • Ingestion points: Local repository files are read during the exploration phase (Step 2).
  • Boundary markers: Absent; the instructions do not explicitly tell the agent to ignore instructions that might be found within the files it explores.
  • Capability inventory: The skill has the capability to write files to the 'docs/prd/' directory (Step 5).
  • Sanitization: Absent; content derived from the codebase and user interview is interpolated directly into the PRD template.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 03:31 PM
Security Audit — agent-trust-hub — write-a-prd