api-doc-integration-risk-review
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits user-provided materials (API documentation text, uploaded file data, and external URLs) to the vendor's API at
https://ai-skills.ai. This is the intended functional behavior of the skill for performing risk assessments. - [EXTERNAL_DOWNLOADS]: The Python runner script (
scripts/run.py) establishes outbound HTTPS connections tohttps://ai-skills.aito facilitate skill execution and retrieve analysis results. - [PROMPT_INJECTION]: The skill processes untrusted external input, creating a surface for indirect prompt injection attacks:
- Ingestion points: Untrusted data enters the agent context through the
apiGuideText,apiGuideFile, andapiGuideLinkparameters defined inSKILL.mdandreferences/skill.json. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided configuration.
- Capability inventory: The skill executes network operations (HTTPS POST) to transmit data to the backend API via
scripts/run.py. - Sanitization: There is no evidence of input validation or content filtering to mitigate malicious instructions hidden within processed documentation.
- [COMMAND_EXECUTION]: The skill provides a Python script (
scripts/run.py) intended for CLI execution to interact with the remote service API.
Audit Metadata