bd-generate-prd
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the local repository and user interviews to generate output.
- Ingestion points: Data is gathered from the local codebase (via repository exploration) and user-provided feature descriptions or interview responses.
- Boundary markers: Absent. The instructions do not provide delimiters or warnings to the agent to ignore instructions found within the processed data.
- Capability inventory: The skill can read and write to the filesystem (under the .plans directory) and perform network operations by interacting with the GitHub API to submit issues.
- Sanitization: Absent. No validation or filtering is performed on the gathered content before it is processed or submitted externally.
Audit Metadata