pm-prd-writer

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of instructional guidelines and templates for document generation. It does not contain any scripts, binaries, or shell command executions.- [SAFE]: No network activity, data exfiltration patterns, or hardcoded credentials were detected in any of the skill files.- [PROMPT_INJECTION]: The skill processes untrusted user input to generate documentation, which represents an indirect prompt injection surface. 1. Ingestion points: User requirements enter the agent context via the primary input loop as described in SKILL.md. 2. Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands within user input. 3. Capability inventory: None; the skill has no access to tools for file system modification, network communication, or code execution. 4. Sanitization: Absent; the skill does not perform validation or escaping of user-provided content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 05:20 PM
Security Audit — agent-trust-hub — pm-prd-writer