ai-kpi-dashboard-design
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [SAFE]: Analysis of the skill instructions, metadata, and associated scripts found no evidence of malicious behavior, such as prompt injection, persistence mechanisms, or unauthorized privilege escalation.
- [EXTERNAL_DOWNLOADS]: The Python runner script (
scripts/run.py) performs network requests to the vendor's official domain athttps://ai-skills.ai. This activity is essential for the skill's operation and is clearly documented. - [COMMAND_EXECUTION]: The skill contains a functional Python runner script intended for user-initiated interaction with the API. This script implements standard client-side logic for authentication and parameter handling without any suspicious system-level operations.
- [DATA_EXFILTRATION]: The skill correctly manages sensitive information by requiring authentication via environment variables (
AISKILLS_API_KEY) rather than hardcoding credentials. It only transmits user-provided inputs to the verified API endpoint.
Audit Metadata