ai-content-research-writer
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from sources including text inputs, file uploads, and remote URLs.\n
- Ingestion points: External data enters through
materialText,materialFile, andmaterialUrlparameters defined inreferences/form-schema.json.\n - Boundary markers: No explicit delimiters or boundary markers are used to separate user-provided content from instructions.\n
- Capability inventory: The skill's script (
scripts/run.py) performs network requests to the developer's API but does not possess local shell execution or file system modification capabilities.\n - Sanitization: No input sanitization or validation logic is present in the runner script.\n- [DATA_EXFILTRATION]: The execution script (
scripts/run.py) transmits the authentication token and user parameters to the vendor's official domain (ai-skills.ai). This network communication is a documented requirement for the skill's functionality and uses standard HTTPS with certificate verification.
Audit Metadata