lean-startup
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is composed of purely educational documentation in Markdown format. There are no executable scripts, binaries, or configuration files that could pose a security risk.
- [NO_CODE]: No code files (e.g., Python, JavaScript, Shell scripts) are present in the skill package. All logic is represented as natural language instructions for the AI agent.
- [DATA_EXPOSURE]: There are no hardcoded credentials, API keys, or sensitive file paths. Mentions of external platforms like Stripe, MailChimp, and Google Analytics are provided as industry examples for startup development and do not involve active integrations or data transmission.
- [PROMPT_INJECTION]: The content does not contain any attempts to hijack the AI's behavior, bypass safety guidelines, or extract system prompts. The instructions are consistently aligned with the stated purpose of startup advising.
- [INDIRECT_PROMPT_INJECTION]: Although the skill is intended to process user-supplied startup details, the lack of tool-use capabilities (such as file system access or network requests) within the skill's structure prevents potential exploitation through untrusted user data.
Audit Metadata