ai-kpi-dashboard-design

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [SAFE]: Analysis of the skill instructions, metadata, and associated scripts found no evidence of malicious behavior, such as prompt injection, persistence mechanisms, or unauthorized privilege escalation.
  • [EXTERNAL_DOWNLOADS]: The Python runner script (scripts/run.py) performs network requests to the vendor's official domain at https://ai-skills.ai. This activity is essential for the skill's operation and is clearly documented.
  • [COMMAND_EXECUTION]: The skill contains a functional Python runner script intended for user-initiated interaction with the API. This script implements standard client-side logic for authentication and parameter handling without any suspicious system-level operations.
  • [DATA_EXFILTRATION]: The skill correctly manages sensitive information by requiring authentication via environment variables (AISKILLS_API_KEY) rather than hardcoding credentials. It only transmits user-provided inputs to the verified API endpoint.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-kpi-dashboard-design