ai-amazon-brand-analytics
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by processing untrusted data.
- Ingestion points: External data is ingested through the
materialText,materialUrl, andmaterialFilefields defined inreferences/form-schema.json. - Boundary markers: The configuration does not specify any delimiters or instructions to ignore embedded commands within the ingested content.
- Capability inventory: The script
scripts/run.pyis capable of performing network operations to transmit data to the vendor's API. - Sanitization: There is no client-side logic to sanitize or validate the content of the ingested materials before they are sent for processing.
- [DATA_EXFILTRATION]: The script
scripts/run.pytransmits user-provided parameters and an API key to theai-skills.aidomain. This communication is the core intended function of the skill, facilitating interaction with its backend platform.
Audit Metadata