start-building-for-startups
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to assist with environment setup, including installing the AWS CLI and executing configuration commands such as
aws configureandaws sts get-caller-identityto verify credentials. - [INDIRECT_PROMPT_INJECTION]: The skill scans local project configuration files (e.g.,
package.json,pyproject.toml,Dockerfile) to infer project context, which creates an indirect prompt injection surface. - Ingestion points: Local codebase configuration files and documentation.
- Boundary markers: Absent; no specific delimiters are defined to isolate data from the codebase.
- Capability inventory: The agent has permissions to read and write project files and execute AWS CLI commands.
- Sanitization: The instructions do not specify any validation or sanitization of content retrieved from the codebase.
Audit Metadata