lean-canvas
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown instructions and templates for business modeling. No scripts, binaries, or command-line executions are present.
- [SAFE]: No evidence of data exfiltration, credential harvesting, or malicious network activity was found.
- [SAFE]: The included link to productcompass.pm is a legitimate documentation resource belonging to the author and does not trigger any security warnings.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists through the processing of user-provided arguments in the $ARGUMENTS variable, but the skill lacks any tools or capabilities that could be exploited by such an injection. Evidence: 1. Ingestion: $ARGUMENTS in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: None. 4. Sanitization: Absent.
Audit Metadata