ai-amazon-return-reduction

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external, untrusted data via an LLM.
  • Ingestion points: Untrusted data enters the agent context through parameters like materialText, materialFile, and materialUrl defined in references/form-schema.json and SKILL.md.
  • Boundary markers: The provided configuration files do not include explicit delimiters or instructions to the model to ignore potential commands embedded within the input materials.
  • Capability inventory: The skill uses a Python runner (scripts/run.py) to transmit ingested data to the vendor's API at https://ai-skills.ai for AI processing.
  • Sanitization: There is no evidence of client-side sanitization, filtering, or escaping of the input data before it is sent to the processing endpoint.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-amazon-return-reduction