ai-paid-ads

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/run.py transmits user-provided parameters and the AISKILLS_API_KEY environment variable to the vendor's API endpoint at https://ai-skills.ai.
  • [PROMPT_INJECTION]: The skill accepts untrusted data through the materialUrl, materialFile, and materialText parameters, creating a surface for indirect prompt injection where malicious instructions in user-provided content could influence the agent.
  • Ingestion points: User-provided URLs, file uploads, and text inputs defined in SKILL.md and references/form-schema.json.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill definition.
  • Capability inventory: The skill performs network operations by sending data to a remote API via the scripts/run.py script.
  • Sanitization: There is no evidence of input validation or content sanitization for the materials processed by the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-paid-ads