ai-amazon-listing-images
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted external content.
- Ingestion points: The skill processes data from several parameters defined in the form schema, including
materialUrl(external links),materialText(user-pasted content), andmaterialFile(uploaded documents). - Boundary markers: No explicit delimiting or boundary markers are used in the provided logic to separate user-provided data from system instructions.
- Capability inventory: The skill uses a Python script (
scripts/run.py) to transmit ingested data to an external API endpoint (ai-skills.ai/api/execute) for processing. - Sanitization: There is no evidence of sanitization, filtering, or escaping of the external input before it is sent to the processing service.
- [DATA_EXFILTRATION]: The skill performs network operations to an external service provider.
- Evidence: The script
scripts/run.pyutilizes theurllib.requestmodule to make HTTP POST requests tohttps://ai-skills.ai/api/execute. - Context: These requests are integral to the skill's documented functionality and target the official domain of the skill vendor.
Audit Metadata