to-prd
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or configuration.
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from the conversation history and the repository codebase to generate documentation. This creates a surface for indirect prompt injection, although it is the primary intended function of the skill.
- Ingestion points: Repository content and conversation history (SKILL.md).
- Boundary markers: None present.
- Capability inventory: The skill instructs the agent to read repository files and write to an external issue tracker.
- Sanitization: No specific sanitization or validation of the processed data is defined.
Audit Metadata