yc-sv-development-framework
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- General Security (SAFE): The skill consists exclusively of Markdown files providing educational and organizational guidance. There are no executable scripts (Python, JavaScript, Bash) included in the package.
- Remote Code Execution (SAFE): No instances of dynamic code execution, subprocess spawning, or remote downloads were found. The installation process involves a simple local file copy command.
- Data Exfiltration (SAFE): There are no network requests, hardcoded credentials, or attempts to access sensitive system files (e.g., SSH keys, .env files, or cloud credentials).
- Prompt Injection (SAFE): While the skill provides strong guiding principles for the AI's reasoning, these remain within the intended domain of software development and do not attempt to bypass safety filters, extract system prompts, or override core agent instructions.
- External Downloads (SAFE): No external package managers or remote code fetching patterns are utilized; all content is static and local.
Audit Metadata