ai-ab-testing
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process data from external, potentially untrusted sources.
- Ingestion points: The skill accepts inputs through the
materialUrl,materialFile, andmaterialTextfields as defined inreferences/form-schema.json, which can include content from arbitrary websites or documents. - Boundary markers: The instructions do not define clear delimiters or include specific guidance for the model to disregard instructions embedded within user-supplied materials.
- Capability inventory: The execution logic in
scripts/run.pyhas the capability to send this data to a remote API and return the resulting analysis to the user context. - Sanitization: There is no evidence of local sanitization or filtering of the input data before it is processed by the skill.
- [EXTERNAL_DOWNLOADS]: The script
scripts/run.pyinitiates network requests to theai-skills.aiplatform to perform its analysis and retrieve results.
Audit Metadata