prd-generate

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Python script (prd-command-dispatch.py) located within the skill's directory structure to perform its primary function.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from the project root to generate documentation.
  • Ingestion points: Project files are read from the directory specified by the --project . argument.
  • Boundary markers: The skill instructions do not specify any delimiters or instructions for the agent to ignore potentially malicious instructions embedded within the project files being analyzed.
  • Capability inventory: The skill utilizes the Bash tool to execute its logic.
  • Sanitization: There is no evidence of sanitization or filtering of the project data before it is processed by the documentation generation script.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 04:23 AM
Security Audit — agent-trust-hub — prd-generate