ai-sales-enablement

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of untrusted external content.
  • Ingestion points: The skill accepts external data through materialText, materialFile, and materialUrl parameters as defined in references/form-schema.json.
  • Boundary markers: There are no explicit delimiters or system instructions provided to the model to ignore potential malicious commands that might be hidden within the customer materials or linked documents.
  • Capability inventory: The skill utilizes a Python runner (scripts/run.py) to transmit this data to an external processing API (ai-skills.ai).
  • Sanitization: No input validation or sanitization is present in the skill's scripts to filter or escape instructions before processing.
  • [EXTERNAL_DOWNLOADS]: The skill includes a Python script that facilitates network communication with external services.
  • Evidence: The script scripts/run.py uses urllib.request to send user data and parameters to the vendor's API at https://ai-skills.ai for processing.
  • Context: These network operations are directed at the vendor's infrastructure to provide the skill's primary functionality and use environment variables for secure API key management.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-sales-enablement