yc-1-deciding-to-start-a-startup

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by collecting untrusted user responses through an interactive workbook and incorporating them into a synthesized report saved to the file system.
  • Ingestion points: User answers collected via the AskUserQuestion tool in SKILL.md.
  • Boundary markers: The instructions lack explicit delimiters or directives to isolate user input from the generated report synthesis.
  • Capability inventory: The agent has the capability to write the resulting synthesis to the knowledge/ directory as specified in SKILL.md.
  • Sanitization: No explicit sanitization or validation of the user's input is defined before it is processed into the final document.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 10:28 PM