startup-validator

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions do not contain any patterns typical of prompt injection, such as instructions to ignore safety guidelines, reveal system prompts, or bypass constraints.
  • [DATA_EXFILTRATION]: No sensitive file paths (e.g., ~/.ssh, ~/.aws) are accessed, and there are no network-based exfiltration patterns such as curl or wget requests to external domains.
  • [COMMAND_EXECUTION]: The skill does not execute dangerous shell commands or perform unauthorized system modifications. It uses a structured 'Write' tool to save analysis results to a specific local directory ('.hypercore/validation-results/'), which is consistent with its stated purpose.
  • [EXTERNAL_DOWNLOADS]: The skill does not perform any external downloads of code, scripts, or packages at runtime.
  • [REMOTE_CODE_EXECUTION]: No patterns for downloading and executing remote code were found. The 'Task' tool calls for sub-agents are standard within the agent's operating environment.
  • [DATA_EXPOSURE]: There are no hardcoded credentials, API keys, or exposure of internal system configuration files.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a standard attack surface for indirect injection as it processes user-provided startup idea descriptions.
    • Ingestion points: User input provided via the $ARGUMENTS variable.
    • Boundary markers: Not explicitly defined in the prompt templates.
    • Capability inventory: Uses 'Write' for file storage and 'Task' for triggering sub-agent analysis.
    • Sanitization: No explicit sanitization or filtering of input is mentioned, which is common for this type of analytical skill.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 09:49 PM