vc-market-sizing
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Remote Code Execution] (SAFE): The skill is composed strictly of markdown text and contains no scripts or binary components.
- [Data Exfiltration] (SAFE): No network operations (curl, wget) or sensitive local file access patterns were identified.
- [Prompt Injection] (SAFE): No attempts to bypass safety filters or redefine the model's core identity were found.
- [Indirect Prompt Injection] (SAFE): The skill defines a surface for processing external data (pitch decks, pricing pages), but because the skill has no functional capabilities like command execution or file writing, this surface is not exploitable. Mandatory Evidence Chain: 1. Ingestion points: Pricing pages, pitch decks, and meeting notes (referenced in SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: None (strictly instructional). 4. Sanitization: Absent.
Audit Metadata