ai-copywriting-psychologist
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from untrusted external sources.\n
- Ingestion points: Untrusted data enters the agent context through the
materialUrl,materialFile, andmaterialTextparameters.\n - Boundary markers: The skill instructions do not specify any delimiters or safety directives to ignore potential commands hidden within the ingested materials.\n
- Capability inventory: The skill uses a Python script to transmit user data to an external API and returns the resulting analysis to the user.\n
- Sanitization: There is no evidence of input validation or sanitization being performed on the ingested content.\n- [DATA_EXFILTRATION]: The skill's runner script (
scripts/run.py) sends user-provided parameters and theAISKILLS_API_KEYenvironment variable to the vendor's endpoint atai-skills.ai. This is the documented and intended operational behavior for the skill.
Audit Metadata