start-building-for-startups

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to assist with environment setup, including installing the AWS CLI and executing configuration commands such as aws configure and aws sts get-caller-identity to verify credentials.
  • [INDIRECT_PROMPT_INJECTION]: The skill scans local project configuration files (e.g., package.json, pyproject.toml, Dockerfile) to infer project context, which creates an indirect prompt injection surface.
  • Ingestion points: Local codebase configuration files and documentation.
  • Boundary markers: Absent; no specific delimiters are defined to isolate data from the codebase.
  • Capability inventory: The agent has permissions to read and write project files and execute AWS CLI commands.
  • Sanitization: The instructions do not specify any validation or sanitization of content retrieved from the codebase.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 10:46 AM
Security Audit — agent-trust-hub — start-building-for-startups