pm-prd
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from the local project file
docs/pm-context/pm-context.md, presenting a surface for indirect prompt injection. - Ingestion points: Data is ingested from the file located at
docs/pm-context/pm-context.md. - Boundary markers: The skill does not employ explicit security delimiters or 'ignore instructions' wrappers around the ingested data, relying instead on Markdown structure.
- Capability inventory: The skill triggers internal sub-skills that perform file system write operations to the
docs/pm-context/prd/directory. - Sanitization: No evidence of content escaping, validation, or filtering of the ingested context was found.
Audit Metadata