ai-audit-website
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Python script (
scripts/run.py) designed to interact with the vendor's API. The script manages argument parsing, environment variable retrieval, and result polling. - [EXTERNAL_DOWNLOADS]: The execution script (
scripts/run.py) includes logic to utilize thecertifiPython package to ensure secure SSL/TLS certificate verification when connecting to the API. - [DATA_EXFILTRATION]: User-provided data, including website URLs, performance text, and uploaded reports, is transmitted to
https://ai-skills.aifor processing. This network communication is a core function of the skill and targets the vendor's official domain. - [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it ingests content from external sources.
- Ingestion points: Untrusted data enters the context via the
materialUrl,materialFile, andmaterialTextparameters defined inreferences/form-schema.json. - Boundary markers: The provided configuration does not specify explicit delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The local script capabilities are limited to network requests to the vendor API; however, the agent's overall capabilities depend on the broader platform environment.
- Sanitization: There is no evidence of input validation or sanitization for the content of the provided URLs or files within the analyzed scripts.
Audit Metadata