ai-marketing-ideas
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its handling of untrusted external content.
- Ingestion points: Untrusted data is accepted through the
materialUrl,materialFile, andmaterialTextparameters defined inreferences/form-schema.json. - Boundary markers: The skill lacks delimiters or specific instructions to the underlying model to ignore instructions embedded within the ingested materials.
- Capability inventory: The skill is primarily a network wrapper. Its capabilities are restricted to performing HTTPS requests to the vendor's API endpoint (
https://ai-skills.ai/api/execute). No local shell execution or file modification capabilities were detected in the provided scripts. - Sanitization: The
scripts/run.pyscript does not perform validation or sanitization of user-provided content before transmitting it to the API. - [SAFE]: All network activity is directed to the vendor's domain (
ai-skills.ai) for the stated purpose of generating marketing ideas, using secure protocols. - [SAFE]: The execution script
scripts/run.pyfollows standard Python practices and includes SSL certificate verification, optionally leveraging thecertifipackage for enhanced security.
Audit Metadata