doc-prd-autopilot

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local Python scripts for project tasks, specifically 'ai_dev_ssd_flow/scripts/validate_prd_ready.py' for document validation and 'ai_dev_ssd_flow/scripts/update_traceability_matrix.py' for updating document metadata. These scripts are part of the local environment and are invoked through standard command-line interfaces.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface, since it ingests Business Requirement Documents (BRDs) to create PRDs. This could be exploited if a source document contains malicious instructions designed to alter the agent's behavior during the generation process.
  • Ingestion points: Document files are read from the 'docs/01_BRD/' directory.
  • Boundary markers: The skill lacks explicit instructions or delimiters to isolate ingested data from agent instructions in the generation phase.
  • Capability inventory: Includes the ability to write files to 'docs/02_PRD/' and execute local Python scripts.
  • Sanitization: No input sanitization or content validation logic for the natural language content of the BRDs is specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 11:59 AM
Security Audit — agent-trust-hub — doc-prd-autopilot