ai-customer-research
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection through the processing of untrusted external data.
- Ingestion points: The skill accepts data from user-provided URLs (
materialUrl), files (materialFile), and text inputs (materialText), as defined in theSKILL.mdandreferences/form-schema.jsonfiles. - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are provided in the prompt logic to ensure the agent treats these inputs strictly as data.
- Capability inventory: The skill utilizes a Python script (
scripts/run.py) capable of performing network POST requests to the vendor's API endpoint. - Sanitization: The provided scripts do not include evidence of input validation or sanitization before the data is interpolated into the workflow.
- [DATA_EXFILTRATION]: Performs network requests to the vendor's established infrastructure.
- The
scripts/run.pyscript communicates withhttps://ai-skills.aito execute the skill's core logic. This is expected behavior for a skill utilizing the allinherog-star vendor's platform and does not involve unauthorized data movement.
Audit Metadata