problem-definition

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill is entirely composed of markdown instructions and reference text aimed at helping users with product discovery and scoping.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is instructed to process data from external files (MEMORY.md and USER.md). While this is a standard pattern for context-aware agents, it constitutes an architectural vulnerability surface.
    • Ingestion points: User and company context are ingested from MEMORY.md and USER.md (SKILL.md).
    • Boundary markers: Absent. No delimiters are specified to separate external context from the skill's core instructions.
    • Capability inventory: The skill does not request access to high-risk tools such as shell execution, file-system writing, or network operations.
    • Sanitization: No sanitization or validation of the ingested context files is performed by the skill's instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 07:03 AM