auto-article-images
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied text and documents (
sourceText,sourceDocument), which are sent to the external AI Skills API. This ingestion of untrusted data represents an indirect prompt injection surface. - Ingestion points: Input parameters
sourceTextandsourceDocumentas defined inreferences/form-schema.jsonandreferences/skill.json. - Boundary markers: No explicit delimiters or boundary markers were found in the configuration to isolate user input from system instructions.
- Capability inventory: The skill uses
scripts/run.pyto perform network operations, sending the data toai-skills.ai. - Sanitization: The input content is passed directly to the API without local sanitization or validation logic in the runner script.
- [SAFE]: All network activity is directed to the vendor's official domain (
ai-skills.ai) or documented GitHub repositories. The management of sensitive credentials (API keys) via environment variables (AISKILLS_API_KEY) is a standard and secure practice for this type of integration.
Audit Metadata