to-prd
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it processes external data and then executes state-changing operations.
  - Ingestion points: The skill ingests data from the current conversation context and explores the local codebase (SKILL.md).
  - Boundary markers: Absent. The skill does not employ delimiters or specific instructions to isolate or ignore potentially malicious commands embedded in the processed context or code.
  - Capability inventory: The skill can publish content to an external issue tracker and modify project labels.
  - Sanitization: Absent. There is no evidence of sanitization, escaping, or validation of the data synthesized from the conversation or codebase before it is posted to the issue tracker.