doc-prd-validator

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides commands to execute local bash and Python validation scripts (e.g., prd_core_wrapper_hook.sh, validate_prd.py) located within the repository's ai_dev_ssd_flow directory.
  • [PROMPT_INJECTION]: The skill establishes a surface for indirect prompt injection as it is designed to ingest and validate externally authored PRD documents.
      • Ingestion points: PRD markdown files located in docs/02_PRD/.
      • Boundary markers: The skill instructions do not explicitly provide delimiters or 'ignore embedded instructions' warnings for the data being validated.
      • Capability inventory: The skill possesses the capability to execute shell and Python scripts for validation and auto-fix actions.
      • Sanitization: While the skill enforces structural and metadata schemas, there is no mention of escaping or sanitizing the document content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 1, 2026, 03:45 AM