account-research-sales-card

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill's runner script (scripts/run.py) transmits user-provided parameters and a project-specific API key to https://ai-skills.ai. This behavior is documented in the skill's metadata and is required for the skill to function with its backend service.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from multiple sources (pasted text, uploaded files, and external URLs) to generate sales insights. This establishes a surface for indirect prompt injection attacks.
  • Ingestion points: Data enters through the targetAccountInfo, accountResearchFile, and accountSourceUrl fields defined in references/form-schema.json.
  • Boundary markers: No explicit instruction delimiters or markers are present to separate user-provided data from system instructions.
  • Capability inventory: The skill utilizes scripts/run.py to perform network operations (HTTPS POST requests) to the provider's API.
  • Sanitization: No input sanitization or validation of the ingested content was observed in the scripts.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The execution script scripts/run.py optionally imports the certifi package to provide a valid CA bundle for secure SSL certificate verification.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 06:36 PM
Security Audit — agent-trust-hub — account-research-sales-card