ai-core-web-vitals
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external sources which could potentially contain malicious instructions intended for the underlying LLM.
- Ingestion points: The skill accepts untrusted input through the
materialText,materialFile, andmaterialUrlparameters as defined inreferences/form-schema.jsonandscripts/run.py. - Boundary markers: No explicit boundary markers or delimiters are defined in the instructions to isolate user-provided content from the system prompt.
- Capability inventory: The provided
scripts/run.pyrunner is limited to performing network requests to the vendor API and printing the result. It does not execute local shell commands or write files based on the API response. - Sanitization: No input sanitization or validation logic is present in the provided client-side scripts.
- [DATA_EXFILTRATION]: The skill transmits user-provided data to an external endpoint for processing.
- Evidence: The script
scripts/run.pysends theparamsobject containing user data tohttps://ai-skills.ai/api/executeusing a POST request. - Context: The destination domain
ai-skills.aiis the official service domain for this skill as documented inSKILL.mdand matches the vendor's identified infrastructure.
Audit Metadata