ai-podcast
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides and instructs the use of a Python script (
scripts/run.py) to handle the execution logic and API interaction. - [EXTERNAL_DOWNLOADS]: The runner script optionally utilizes the
certifiPython package to provide a reliable root CA bundle for secure SSL/TLS connections to the API. - [DATA_EXFILTRATION]: User-submitted content from parameters such as
materialText,materialUrl, andmaterialFileis transmitted to the external API endpoint athttps://ai-skills.aifor processing. - [CREDENTIALS_UNSAFE]: Authentication with the backend service requires an API key (
AISKILLS_API_KEY) which the user must provide as an environment variable. - [PROMPT_INJECTION]: The skill acts as a surface for indirect prompt injection because it processes untrusted data from external sources.
- Ingestion points: Data enters the system through the
materialUrl,materialFile, andmaterialTextinput fields. - Boundary markers: The provided script does not implement specific delimiters or safety instructions to prevent the underlying model from following instructions contained within the user data.
- Capability inventory: The script's runtime environment is restricted to performing network requests to the vendor's API and displaying the results; it lacks file-writing or arbitrary command execution capabilities.
- Sanitization: External inputs are transmitted in a structured JSON format but do not undergo content-level sanitization before being sent to the AI service.
Audit Metadata