ai-amazon-dayparting-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from several sources without sufficient safety constraints.
  • Ingestion points: Data is collected through the materialText, materialUrl, and materialFile fields defined in references/form-schema.json.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill configuration to protect the LLM context.
  • Capability inventory: The skill includes a Python runner (scripts/run.py) that performs network operations, sending the processed data to the ai-skills.ai API.
  • Sanitization: There is no evidence of client-side sanitization, filtering, or validation of the content retrieved from URLs or pasted text before it is transmitted.
  • [COMMAND_EXECUTION]: The skill provides and utilizes a Python script (scripts/run.py) designed to execute network requests.
  • The script uses urllib.request to send POST requests containing user-supplied parameters to https://ai-skills.ai/api/execute.
  • It also implements a polling mechanism to retrieve results from the remote server.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-amazon-dayparting-strategy