ai-signup

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows established patterns for API-based tools. It uses a dedicated Python runner to communicate with a specific vendor endpoint.
  • [DATA_EXFILTRATION]: While the skill transmits data to https://ai-skills.ai, this is the primary intended behavior for processing conversion diagnostics. No evidence was found of sensitive local data (such as SSH keys or environment secrets unrelated to the API) being accessed or exfiltrated.
  • [PROMPT_INJECTION]: The skill processes external content which presents a surface for indirect prompt injection.
  • Ingestion points: materialUrl, materialFile, and materialText as defined in references/form-schema.json.
  • Boundary markers: None identified in the provided templates to isolate user data from system instructions.
  • Capability inventory: Network communication via scripts/run.py to send data to the ai-skills.ai API.
  • Sanitization: No client-side sanitization is performed in the runner script; protection is assumed to be handled by the backend API.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-signup