lean-startup
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection vulnerability surface in
scripts/new_experiment.py. \n - Ingestion points: Untrusted data enters via CLI arguments and interactive
input()prompts inscripts/new_experiment.py. \n - Boundary markers: Hypotheses and metrics are interpolated directly into Markdown templates using f-strings without delimiters or escaping to isolate potential embedded instructions. \n
- Capability inventory: The script uses
Path.write_text()to write generated content to user-specified local file system paths. \n - Sanitization: No input validation or sanitization is performed on the user-provided strings before they are written to the output file.
Audit Metadata