prepare-yc-workshop
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local bash scripts (provision.sh, cleanup.sh) and the yc CLI tool to manage cloud resources. These operations are essential for its stated purpose and include proper validation and error handling.
- [PROMPT_INJECTION]: The skill processes user input for participant counts or roster lists. This represents a surface for indirect prompt injection, which is mitigated by input validation in the execution scripts.
  - Ingestion points: Participant count or names roster provided to the agent in SKILL.md.
  - Boundary markers: None present.
  - Capability inventory: Shell script execution, cloud resource management via yc CLI, and file system write operations.
  - Sanitization: The provision.sh script contains logic to validate that the participant count input is a positive integer before execution.
Audit Metadata