ai-podcast

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides and instructs the use of a Python script (scripts/run.py) to handle the execution logic and API interaction.
  • [EXTERNAL_DOWNLOADS]: The runner script optionally utilizes the certifi Python package to provide a reliable root CA bundle for secure SSL/TLS connections to the API.
  • [DATA_EXFILTRATION]: User-submitted content from parameters such as materialText, materialUrl, and materialFile is transmitted to the external API endpoint at https://ai-skills.ai for processing.
  • [CREDENTIALS_UNSAFE]: Authentication with the backend service requires an API key (AISKILLS_API_KEY) which the user must provide as an environment variable.
  • [PROMPT_INJECTION]: The skill acts as a surface for indirect prompt injection because it processes untrusted data from external sources.
  • Ingestion points: Data enters the system through the materialUrl, materialFile, and materialText input fields.
  • Boundary markers: The provided script does not implement specific delimiters or safety instructions to prevent the underlying model from following instructions contained within the user data.
  • Capability inventory: The script's runtime environment is restricted to performing network requests to the vendor's API and displaying the results; it lacks file-writing or arbitrary command execution capabilities.
  • Sanitization: External inputs are transmitted in a structured JSON format but do not undergo content-level sanitization before being sent to the AI service.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-podcast