prd-tw
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) due to its core function of converting user wishlists and requirements into structured documentation.
  - Ingestion points: User-provided feature descriptions, pain points, and wishlist items supplied during Phase One and Phase Two (SKILL.md).
  - Boundary markers: Absent; the instructions do not specify any delimiters or safety markers to isolate user-supplied content from the agent's internal logic.
  - Capability inventory: The skill is authorized to generate and save documentation files, such as REQUIREMENTS.md, to the local file system (SKILL.md).
  - Sanitization: Absent; the skill does not include steps to sanitize, escape, or validate the content of user requests before incorporating them into the final generated PRD.
Audit Metadata