ai-customer-research

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: Potential for indirect prompt injection through the processing of untrusted external data.
  • Ingestion points: The skill accepts data from user-provided URLs (materialUrl), files (materialFile), and text inputs (materialText), as defined in the SKILL.md and references/form-schema.json files.
  • Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are provided in the prompt logic to ensure the agent treats these inputs strictly as data.
  • Capability inventory: The skill utilizes a Python script (scripts/run.py) capable of performing network POST requests to the vendor's API endpoint.
  • Sanitization: The provided scripts do not include evidence of input validation or sanitization before the data is interpolated into the workflow.
  • [DATA_EXFILTRATION]: Performs network requests to the vendor's established infrastructure.
  • The scripts/run.py script communicates with https://ai-skills.ai to execute the skill's core logic. This is expected behavior for a skill utilizing the allinherog-star vendor's platform and does not involve unauthorized data movement.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-customer-research