Skills
skills/ivcota/skills/millionaire-fastlane/Gen Agent Trust Hub

millionaire-fastlane

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The file sources.md contains an absolute local file path to a document in a specific user's directory (/Users/iversondiles/Downloads/the-millionaire-fastlane.pdf). While the file itself is a book, exposing hardcoded home directory structures can lead to information leakage about the host environment and potential execution errors across different systems.
  • [PROMPT_INJECTION]: The skill is designed to process and analyze untrusted user-supplied business ideas, creating a surface for indirect prompt injection.
  • Ingestion points: Untrusted user input for business ideas, wealth plans, and career paths as defined in the SKILL.md trigger conditions.
  • Boundary markers: The skill does not implement delimiters or specific instructions for the agent to differentiate between the framework's logic and instructions that might be embedded within user-provided data.
  • Capability inventory: The skill body and sources.md indicate the use of a Read tool to access local file content.
  • Sanitization: No input validation or sanitization mechanisms are defined to mitigate malicious payloads in the processed data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 03:20 PM