brand-account-positioning-diagnosis
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns were identified. The skill and its included Python runner script perform legitimate operations consistent with the stated purpose of analyzing brand accounts. All network activity is directed to the vendor's domain at ai-skills.ai.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted user data, including pasted text and uploaded files. This is a common architectural characteristic for analysis-oriented skills.\n
- Ingestion points: Data enters the agent context through the
accountProfileText,accountDataFile, andaccountHomeLinkfields defined inreferences/form-schema.json.\n - Boundary markers: The skill instructions do not utilize specific delimiters to isolate user-provided data from instructional prompts.\n
- Capability inventory: The
scripts/run.pyscript performs network operations toai-skills.aito execute the skill logic.\n - Sanitization: No explicit input validation or sanitization mechanisms are implemented in the skill configuration.
Audit Metadata