ai-marketing-ideas

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its handling of untrusted external content.
  • Ingestion points: Untrusted data is accepted through the materialUrl, materialFile, and materialText parameters defined in references/form-schema.json.
  • Boundary markers: The skill lacks delimiters or specific instructions to the underlying model to ignore instructions embedded within the ingested materials.
  • Capability inventory: The skill is primarily a network wrapper. Its capabilities are restricted to performing HTTPS requests to the vendor's API endpoint (https://ai-skills.ai/api/execute). No local shell execution or file modification capabilities were detected in the provided scripts.
  • Sanitization: The scripts/run.py script does not perform validation or sanitization of user-provided content before transmitting it to the API.
  • [SAFE]: All network activity is directed to the vendor's domain (ai-skills.ai) for the stated purpose of generating marketing ideas, using secure protocols.
  • [SAFE]: The execution script scripts/run.py follows standard Python practices and includes SSL certificate verification, optionally leveraging the certifi package for enhanced security.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-marketing-ideas