startup-idea-validation
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious scripts or commands were identified. All resources are local markdown files within the skill package.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from the user to populate its validation scorecards, which is a common surface for indirect prompt injection. This is categorized as safe here because the skill lacks the capabilities (e.g., shell access, network requests) to exploit such an injection.\n
- Ingestion points: User-provided descriptions of startup ideas, business models, and market data in SKILL.md.\n
- Boundary markers: Absent; the skill does not use specific delimiters to wrap user content.\n
- Capability inventory: No code execution, file system modification, or network access capabilities are defined.\n
- Sanitization: None explicitly implemented within the prompt instructions.
Audit Metadata