pm-tracking-spec-writer

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill references standard tracking identifiers such as user_id and device_id as part of its data design role; these are documentation requirements for the generated tracking specification and do not involve unauthorized access to the user's environment or sensitive files.
  • [DYNAMIC_EXECUTION]: The skill generates interactive HTML reports by populating a local template (assets/spec-template.html) with content at runtime. This follows a standard, low-risk documentation generation pattern using known templates and static UI logic.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted user input (product requirements) and incorporate it into technical specifications. While this creates a theoretical ingestion surface, the skill's focus on structured data definition and technical schemas for documentation purposes minimizes the risk of indirect instruction execution. 1. Ingestion points: User-provided PRD and user journey descriptions. 2. Boundary markers: Absent. 3. Capability inventory: Generates HTML with embedded JavaScript. 4. Sanitization: Not explicitly implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 04:36 PM
Security Audit — agent-trust-hub — pm-tracking-spec-writer