prd
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill's instructions for document generation and compliance are consistent with its stated purpose of creating PRDs.
- [COMMAND_EXECUTION]: The skill instructs the agent to use 'mkdir -p .aix' to manage its local workspace. This is a low-risk, standard operation for directory management.
- [PROMPT_INJECTION]: The skill ingests untrusted user input during the 'Discovery' phase to populate PRD content, creating a surface for indirect prompt injection. Ingestion point: User input during the interrogation phase (SKILL.md). Boundary markers: Absent. Capability inventory: Shell command execution and file writing (SKILL.md). Sanitization: Absent.
Audit Metadata