to-prd
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration were detected. The skill operates within the scope of the project's repository and conversation context to perform its intended documentation functions.
- [PROMPT_INJECTION]: The skill processes untrusted data from the conversation context and repository content, which represents an indirect prompt injection surface.
  - Ingestion points: Conversation context and repository files (SKILL.md).
  - Boundary markers: Absent; the prompt does not use delimiters to isolate external data or instruct the agent to ignore instructions embedded in the processed content.
  - Capability inventory: Reading repository files and writing to an external issue tracker.
  - Sanitization: No content validation or sanitization is specified before the synthesized data is published to the issue tracker.