ai-amazon-search-optimization

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources.
  • Ingestion points: The skill accepts external data through the materialUrl (external URLs), materialFile (uploaded files), and materialText (user-provided text) parameters as defined in SKILL.md and references/form-schema.json.
  • Boundary markers: The skill instructions do not specify any delimiters or boundary markers to distinguish user instructions from the external content being analyzed.
  • Capability inventory: The skill includes a functional Python runner script (scripts/run.py) that performs network requests to the vendor's API endpoint (https://ai-skills.ai/api/execute).
  • Sanitization: There is no evidence of sanitization or filtering of the ingested external data before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-amazon-search-optimization