ai-amazon-listing-images

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted external content.
  • Ingestion points: The skill processes data from several parameters defined in the form schema, including materialUrl (external links), materialText (user-pasted content), and materialFile (uploaded documents).
  • Boundary markers: No explicit delimiting or boundary markers are used in the provided logic to separate user-provided data from system instructions.
  • Capability inventory: The skill uses a Python script (scripts/run.py) to transmit ingested data to an external API endpoint (ai-skills.ai/api/execute) for processing.
  • Sanitization: There is no evidence of sanitization, filtering, or escaping of the external input before it is sent to the processing service.
  • [DATA_EXFILTRATION]: The skill performs network operations to an external service provider.
  • Evidence: The script scripts/run.py utilizes the urllib.request module to make HTTP POST requests to https://ai-skills.ai/api/execute.
  • Context: These requests are integral to the skill's documented functionality and target the official domain of the skill vendor.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-amazon-listing-images