ai-xlsx
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The documentation in
SKILL.mdprovides instructions for running a local Python script (scripts/run.py) to interact with the skill's backend service. - [EXTERNAL_DOWNLOADS]: The
scripts/run.pyscript makes network requests to the vendor's domainai-skills.aito process user data. This is standard behavior for an API-based skill. - [PROMPT_INJECTION]: The skill processes untrusted data from various sources which presents a potential surface for indirect prompt injection.
- Ingestion points: The skill accepts untrusted data through parameters like
materialText,materialFile, andmaterialUrldefined inreferences/form-schema.json. - Boundary markers: No explicit delimiters or boundary markers are defined in the instructions to isolate processed data from the agent's control logic.
- Capability inventory: The
scripts/run.pyscript facilitates network communication and CLI-based execution. - Sanitization: No input sanitization or validation routines were identified in the provided script files.
Audit Metadata