ai-revops
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as intended for its stated purpose as a RevOps diagnostic assistant. It follows standard patterns for AI agent skills interacting with an external specialized API.
- [COMMAND_EXECUTION]: The skill includes a Python script (
scripts/run.py) designed to act as a client for the AI Skills platform. The script's operations are transparent and limited to executing authorized network requests to the vendor's infrastructure. - [EXTERNAL_DOWNLOADS]: The runner script communicates with the official API endpoint at
https://ai-skills.ai. This communication is necessary for the skill's core functionality and uses standard HTTPS with support for certificate verification via thecertifipackage. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and process untrusted data from external sources:
- Ingestion points: Processes data from user-provided URLs (
materialUrl), file uploads (materialFile), and pasted text (materialText) as defined inreferences/form-schema.json. - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings were found in the provided configuration.
- Capability inventory: Local capabilities are limited to outbound HTTP POST requests to the platform API via
scripts/run.py. - Sanitization: No explicit input validation or sanitization logic is present in the client-side script, delegating safety to the platform's backend processing.
- Ingestion points: Processes data from user-provided URLs (
Audit Metadata