ai-social

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process data from potentially untrusted external sources.
  • Ingestion points: The skill accepts user-provided text (materialText), file uploads (materialFile), and external URLs (materialUrl) as inputs, as defined in references/form-schema.json.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded directions are present in the provided instructions or scripts.
  • Capability inventory: The skill's primary capability is performing authenticated network requests to the ai-skills.ai API via scripts/run.py.
  • Sanitization: There is no evidence of input sanitization or validation within the skill's client-side components.
  • [DATA_EXFILTRATION]: The skill transmits user-provided content to the vendor's infrastructure at ai-skills.ai. This behavior is the intended primary function of the skill and targets the official domain of the author. Authentication is handled securely using an API key (AISKILLS_API_KEY) retrieved from environment variables.
  • [COMMAND_EXECUTION]: The execution script scripts/run.py uses the standard Python urllib library for API communication. It does not perform any unsafe shell command execution or subprocess spawning.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-social