prd-generate
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to execute a local Python script (prd-command-dispatch.py) located within the skill's directory structure to perform its primary function. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from the project root to generate documentation.
- Ingestion points: Project files are read from the directory specified by the
--project .argument. - Boundary markers: The skill instructions do not specify any delimiters or instructions for the agent to ignore potentially malicious instructions embedded within the project files being analyzed.
- Capability inventory: The skill utilizes the
Bashtool to execute its logic. - Sanitization: There is no evidence of sanitization or filtering of the project data before it is processed by the documentation generation script.
Audit Metadata