ai-lead-magnets
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
scripts/run.pyscript communicates withhttps://ai-skills.aito process user input. This is the intended behavior of the skill, and the domain belongs to the skill's infrastructure. - [COMMAND_EXECUTION]: The provided Python runner script executes as a standalone tool to interface with the AI Skills API. It uses standard Python libraries for networking and does not perform arbitrary shell command execution or subprocess spawning.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external materials.
- Ingestion points: The skill accepts untrusted data through the
materialText,materialFile, andmaterialUrlfields defined inreferences/form-schema.json. - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are included in the skill's logic.
- Capability inventory: The skill's capabilities are limited to API interaction and do not include dangerous operations like file system modification or administrative command execution.
- Sanitization: There is no evidence of content filtering or sanitization before data is transmitted to the processing API.
Audit Metadata