ai-amazon-product-bundling

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill includes a Python execution script (scripts/run.py) that facilitates communication between the user and the vendor's API. It transmits parameters to https://ai-skills.ai, which is the official domain for the service and is used solely for the skill's intended functionality.
  • [PROMPT_INJECTION]: The skill is designed to process untrusted external data such as product pages, reviews, and files via the materialUrl, materialFile, and materialText parameters. While this represents a potential surface for indirect prompt injection, the skill lacks the local system capabilities (such as arbitrary command execution or local file modification) that would allow such an injection to compromise the host environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-amazon-product-bundling