yc-3-building-your-founding-team
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates entirely within its defined pedagogical scope. It processes included reference materials and interacts with the user to generate a personalized assessment. No malicious intent or suspicious behavioral patterns were detected.
- [DATA_EXPOSURE]: The skill does not access sensitive system data, environment variables, or credentials. It reads from its own
references/directory and writes to a designatedknowledge/path, which is consistent with the standard operation of persistent agent skills. - [COMMAND_EXECUTION]: No shell commands, binary executions, or script invocations are present in the skill instructions or transcript files.
- [EXTERNAL_DOWNLOADS]: The skill does not perform network operations or remote content fetching. Reference URLs point to official Y Combinator library resources on well-known domains (YouTube, ycombinator.com) and are used for informational purposes only.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) due to its interactive workbook format:
- Ingestion points: User responses provided via the
AskUserQuestiontool inSKILL.md(Step 6). - Boundary markers: Absent; user input is processed for synthesis without explicit delimiters.
- Capability inventory: Limited to file-writing in the
knowledge/directory; no network or shell-level tools are available to be exploited. - Sanitization: No input validation or filtering is performed on user responses before they are synthesized into the final output.
Audit Metadata