ai-hr-pro

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from multiple external sources.
  • Ingestion points: Untrusted data enters the agent's context through the materialUrl, materialFile, and materialText parameters as defined in references/form-schema.json and SKILL.md.
  • Boundary markers: The instructions lack clear delimiters or specific guidance for the model to ignore any instructions that might be embedded within the source materials.
  • Capability inventory: The skill utilizes the scripts/run.py script to transmit the collected data to an external API endpoint (https://ai-skills.ai).
  • Sanitization: There is no evidence of input validation, filtering, or sanitization being applied to the external content before it is processed by the AI.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-hr-pro