ai-social
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process data from potentially untrusted external sources.
- Ingestion points: The skill accepts user-provided text (
materialText), file uploads (materialFile), and external URLs (materialUrl) as inputs, as defined inreferences/form-schema.json. - Boundary markers: No explicit boundary markers or instructions to ignore embedded directions are present in the provided instructions or scripts.
- Capability inventory: The skill's primary capability is performing authenticated network requests to the
ai-skills.aiAPI viascripts/run.py. - Sanitization: There is no evidence of input sanitization or validation within the skill's client-side components.
- [DATA_EXFILTRATION]: The skill transmits user-provided content to the vendor's infrastructure at
ai-skills.ai. This behavior is the intended primary function of the skill and targets the official domain of the author. Authentication is handled securely using an API key (AISKILLS_API_KEY) retrieved from environment variables. - [COMMAND_EXECUTION]: The execution script
scripts/run.pyuses the standard Pythonurlliblibrary for API communication. It does not perform any unsafe shell command execution or subprocess spawning.
Audit Metadata