ai-amazon-dayparting-strategy
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from several sources without sufficient safety constraints.
- Ingestion points: Data is collected through the
materialText,materialUrl, andmaterialFilefields defined inreferences/form-schema.json. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill configuration to protect the LLM context.
- Capability inventory: The skill includes a Python runner (
scripts/run.py) that performs network operations, sending the processed data to theai-skills.aiAPI. - Sanitization: There is no evidence of client-side sanitization, filtering, or validation of the content retrieved from URLs or pasted text before it is transmitted.
- [COMMAND_EXECUTION]: The skill provides and utilizes a Python script (
scripts/run.py) designed to execute network requests. - The script uses
urllib.requestto send POST requests containing user-supplied parameters tohttps://ai-skills.ai/api/execute. - It also implements a polling mechanism to retrieve results from the remote server.
Audit Metadata