auto-article-images

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-supplied text and documents (sourceText, sourceDocument), which are sent to the external AI Skills API. This ingestion of untrusted data represents an indirect prompt injection surface.
  • Ingestion points: Input parameters sourceText and sourceDocument as defined in references/form-schema.json and references/skill.json.
  • Boundary markers: No explicit delimiters or boundary markers were found in the configuration to isolate user input from system instructions.
  • Capability inventory: The skill uses scripts/run.py to perform network operations, sending the data to ai-skills.ai.
  • Sanitization: The input content is passed directly to the API without local sanitization or validation logic in the runner script.
  • [SAFE]: All network activity is directed to the vendor's official domain (ai-skills.ai) or documented GitHub repositories. The management of sensitive credentials (API keys) via environment variables (AISKILLS_API_KEY) is a standard and secure practice for this type of integration.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:59 AM
Security Audit — agent-trust-hub — auto-article-images