ai-sales-enablement
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of untrusted external content.
- Ingestion points: The skill accepts external data through
materialText,materialFile, andmaterialUrlparameters as defined inreferences/form-schema.json. - Boundary markers: There are no explicit delimiters or system instructions provided to the model to ignore potential malicious commands that might be hidden within the customer materials or linked documents.
- Capability inventory: The skill utilizes a Python runner (
scripts/run.py) to transmit this data to an external processing API (ai-skills.ai). - Sanitization: No input validation or sanitization is present in the skill's scripts to filter or escape instructions before processing.
- [EXTERNAL_DOWNLOADS]: The skill includes a Python script that facilitates network communication with external services.
- Evidence: The script
scripts/run.pyusesurllib.requestto send user data and parameters to the vendor's API athttps://ai-skills.aifor processing. - Context: These network operations are directed at the vendor's infrastructure to provide the skill's primary functionality and use environment variables for secure API key management.
Audit Metadata