prd
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
opencommand to automatically preview generated PRD files in the user's default editor or viewer. While this involves shell execution, it is used for the primary purpose of the skill and targets a known local file path.- [PROMPT_INJECTION]: The skill maintains an indirect prompt injection surface by ingesting external data without explicit boundary markers or sanitization logic. - Ingestion points: User input from
$ARGUMENTS, responses toAskUserQuestion, and project configuration fromCLAUDE.md. - Boundary markers: Absent; user-provided strings are interpolated directly into file contents and task subjects.
- Capability inventory: The skill has access to file system modifications (
Write,Edit), task management (TaskCreate,TaskUpdate), and shell command execution (open). - Sanitization: No validation or escaping of external content is performed before interpolation into prompts or commands.
Audit Metadata