plan-to-prd
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
gh issue createcommand to automate the creation of Product Requirement Documents (PRDs) and task slices on GitHub. This aligns with the skill's intended functionality and uses a well-known tool from a trusted service provider. - [PROMPT_INJECTION]: The skill ingests untrusted data from repository files (Phase 1) and user input (Phase 0) to generate issue bodies. While this represents an indirect prompt injection surface (Category 8), the risk is effectively mitigated by mandatory human-in-the-loop (HITL) approval phases (Phases 3, 5, and 7) that require user confirmation before any commands are executed or issues are created.
- [DATA_EXPOSURE]: The skill implements protective measures by explicitly instructing the agent to exclude sensitive technical details—such as file paths, line numbers, and code snippets—from the generated issues, reducing the risk of accidental information disclosure.
Audit Metadata