ai-churn-prevention
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's runner script (
scripts/run.py) makes outbound network requests toai-skills.ai(the vendor's domain) to execute skill logic and provide billing information. These operations are essential for the skill's functionality. - [COMMAND_EXECUTION]: Includes a Python script (
scripts/run.py) designed to be executed by the user. This script serves as a bridge between the local environment and the AI Skills API, handling parameters and authentication. - [PROMPT_INJECTION]: The skill ingests untrusted data from multiple external sources, creating a potential surface for indirect prompt injection attacks.
- Ingestion points: Untrusted data enters the agent context through the
materialText,materialUrl, andmaterialFileparameters defined inSKILL.mdandreferences/form-schema.json. - Boundary markers: There are no explicit instructions or delimiters in the provided documentation to help the agent distinguish between its core instructions and embedded content in the ingested materials.
- Capability inventory: The associated runner script (
scripts/run.py) allows for network communication with the vendor's API. - Sanitization: No validation or sanitization logic for the content of processed files, URLs, or text snippets is implemented within the skill files.
Audit Metadata