skills/sickn33/antigravity-awesome-skills/startup-business-analyst-business-case/Gen Agent Trust Hub
startup-business-analyst-business-case
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process untrusted external documents such as existing pitch decks and financial models. * Ingestion points: User-provided materials and resources/implementation-playbook.md. * Boundary markers: No delimiters or warnings are present to prevent the agent from obeying instructions embedded in the external data. * Capability inventory: The skill utilizes Bash, WebFetch, Write, Edit, and WebSearch. * Sanitization: No explicit instructions for sanitization are included.
- [COMMAND_EXECUTION]: The skill requests access to the Bash tool. While no malicious commands are provided, this broad permission increases the risk if the agent is manipulated via indirect prompt injection.
Audit Metadata