idea-validator
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- Prompt Injection (SAFE): No instructions to bypass safety filters or override system prompts were detected. The content focuses exclusively on business methodology.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations (curl, wget, etc.) were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill is a 'No Code' implementation consisting of markdown files. It does not install external packages or execute remote scripts.
- Indirect Prompt Injection (LOW): The skill contains an attack surface as it ingests untrusted user data regarding business ideas (Ingestion: User input requested in full-guide.md). Boundary markers and sanitization are absent. However, the capability inventory for this skill is zero (no subprocess, network, or file-write calls), meaning any injection would only influence the current conversation context.
- Persistence & Privilege Escalation (SAFE): There are no commands that interact with the host operating system, shell profiles, or administrative permissions.
Audit Metadata