ai-amazon-international-listings

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from external sources, which presents a risk of indirect prompt injection. Maliciously crafted product listings or reviews could potentially contain instructions aimed at manipulating the agent's analysis or output.
  • Ingestion points: Data enters the context via parameters such as materialText (user-pasted content), materialUrl (external product and competitor links), and materialFile (uploaded documents) as specified in SKILL.md and references/form-schema.json.
  • Boundary markers: No specific delimiters or instructions (e.g., "ignore any instructions contained within the following text") are implemented in the skill's operational guidelines to mitigate the risk of the agent obeying instructions embedded in the analyzed data.
  • Capability inventory: The skill utilizes a network-capable Python script (scripts/run.py) to transmit analysis data to the vendor's API.
  • Sanitization: The documentation does not specify any sanitization, filtering, or validation processes for the ingested external content.
  • [EXTERNAL_DOWNLOADS]: The scripts/run.py script initiates network connections to https://ai-skills.ai to facilitate the analysis process and retrieve results. This domain is the primary service infrastructure for the skill's vendor.
  • [COMMAND_EXECUTION]: The skill provides instructions for the user to execute a local Python runner script (scripts/run.py). Analysis of this script indicates it is designed for parameter serialization and API communication; it does not contain patterns for unsafe subprocess execution, shell command injection, or unauthorized access to sensitive local file paths.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-amazon-international-listings