Skills
skills/curiositech/some_claude_skills/tech-entrepreneur-coach-adhd/Gen Agent Trust Hub

tech-entrepreneur-coach-adhd

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it can fetch untrusted data from the internet and subsequently perform file operations.
  • Ingestion points: The skill utilizes tools such as mcp__firecrawl__firecrawl_search, mcp__brave-search__brave_web_search, and WebFetch to retrieve content from external URLs (file: SKILL.md).
  • Boundary markers: There are no explicit instructions or delimiters in the prompt to prevent the agent from executing instructions that might be hidden within the fetched web content.
  • Capability inventory: The agent has access to Write, Edit, and TodoWrite tools, which grant it the ability to create or modify files on the host system (file: SKILL.md).
  • Sanitization: No validation, escaping, or filtering of the external data is performed before the agent processes the information and uses its file-writing capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:06 PM