ai-content-research-writer

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from sources including text inputs, file uploads, and remote URLs.\n
  • Ingestion points: External data enters through materialText, materialFile, and materialUrl parameters defined in references/form-schema.json.\n
  • Boundary markers: No explicit delimiters or boundary markers are used to separate user-provided content from instructions.\n
  • Capability inventory: The skill's script (scripts/run.py) performs network requests to the developer's API but does not possess local shell execution or file system modification capabilities.\n
  • Sanitization: No input sanitization or validation logic is present in the runner script.\n- [DATA_EXFILTRATION]: The execution script (scripts/run.py) transmits the authentication token and user parameters to the vendor's official domain (ai-skills.ai). This network communication is a documented requirement for the skill's functionality and uses standard HTTPS with certificate verification.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-content-research-writer