Back to PRD Generator Flow

Security Report

PRD Generator Flow

v1.1.18 v1.1.12 v1.1.11 v1.1.10 v1.1.9 v1.1.8 v1.1.7 v1.1.6 v1.1.5 v1.1.4 v1.1.3 v1.1.2 v1.1.1 v1.1.0 v1.0.5 v1.0.4 v1.0.3 v1.0.2 v1.0.1 v1.3.0 v1.0.0 v1.4.0 v1.2.0
Pass
Version v1.1.18 Scanned 11 May 2026 at 06:33 Scanner v2.8.0

Summary

Detected

  • Services:
  • Permissions:
  • Data Handling: pii

Undeclared

All items declared

Warnings

No warnings

Findings (12)

Data Handling

info pii declared
pii-data-reference
documents/prd-writing-standards.md:70

"user data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-data-reference
prompts/problem-statement-writer.md:16

"Customer data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-data-reference
prompts/problem-statement-writer.md:57

"customer data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-data-reference
prompts/success-metrics-definer.md:16

"Customer data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-data-reference
prompts/user-persona-generator.md:16

"Customer data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-data-reference
skills/requirements-structuring.md:41

"User data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-behavioural-data
sources/product-strategy-guide.md:60

"Demographic"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

info pii declared
pii-data-reference
workflows/prd-generator-flow.md:108

"customer data"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.

Compliance

info GDPR undeclared
compliance-gdpr
prompts/requirements-prompt.md:91

"- Compliance requirements (GDPR, SOC 2, HIPAA — only if applicable)"

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

info HIPAA undeclared
compliance-hipaa
prompts/requirements-prompt.md:91

"- Compliance requirements (GDPR, SOC 2, HIPAA — only if applicable)"

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

info SOC-2 undeclared
compliance-soc2
prompts/requirements-prompt.md:91

"- Compliance requirements (GDPR, SOC 2, HIPAA — only if applicable)"

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

info GDPR undeclared
compliance-gdpr
skills/requirements-structuring.md:44

"| Compliance | Regulatory and legal | "Data handling complies with GDPR Article 17 (right to erasure"

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.