Skills
skills/mattpocock/ralph-workshop-repo-001/write-a-prd/Gen Agent Trust Hub

write-a-prd

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to 'explore the repo to verify their assertions'. This allows instructions embedded in the repository files to potentially influence the agent's behavior during the task.
  • Ingestion points: User input and repository content (SKILL.md, steps 1 and 2).
  • Boundary markers: Absent. The skill lacks instructions to delimit or isolate data retrieved from the repository to prevent instruction obedience.
  • Capability inventory: File system read access (repo exploration) and network access for GitHub issue submission (Step 7).
  • Sanitization: Absent. No filtering or validation logic is specified for data processed from the codebase.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 04:18 PM