pdca
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `Bash` tool to execute `curl` for checking local server responses and `npx playwright test` for running end-to-end tests. These commands are part of the intended verification workflow.
- [EXTERNAL_DOWNLOADS]: It recommends installing the `@playwright/test` package, which is a trusted and standard tool for web application testing.
- [PROMPT_INJECTION]: The skill processes multiple project documents to maintain consistency across the workflow, which presents an indirect prompt injection surface.
  - Ingestion points: The skill reads files from the `docs/` directory tree, such as `docs/00-pm/*.prd.md` and `docs/01-plan/*.plan.md`.
  - Boundary markers: No explicit delimiters or instructions to disregard embedded content are used during document ingestion.
  - Capability inventory: The skill has access to `Bash`, `Write`, `Edit`, and `Task` tools, which are powerful capabilities.
  - Sanitization: There is no evidence of validation or sanitization of the content read from markdown files before it is used as context for subsequent agent phases.