ai-cold-email

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Python script (scripts/run.py) designed to interact with the vendor's API. It transmits user-provided parameters to the endpoint defined in the environment or defaults to https://ai-skills.ai.
  • [DATA_EXFILTRATION]: The skill processes user-provided business data such as email drafts, customer background, and conversation records, sending them to the configured AI service. This is the intended core functionality and is secured via HTTPS and API key authentication.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with https://ai-skills.ai to perform its diagnostic functions. This domain is the official service platform referenced in the documentation.
  • [PROMPT_INJECTION]: The skill ingests untrusted data through parameters like materialText, materialUrl, and materialFile (defined in references/form-schema.json). This creates a standard surface for indirect prompt injection common in agentic workflows. No boundary markers or sanitization logic are present in the provided scripts to mitigate embedded instructions in the processed data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-cold-email