brand-voice-review

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns detected. The skill uses standard environment variables for authentication and follows documented workflows.
  • [EXTERNAL_DOWNLOADS]: The scripts/run.py utility connects to https://ai-skills.ai to facilitate task execution. This is the intended behavior for this skill.
  • [PROMPT_INJECTION]: The skill processes untrusted external materials (text, URLs, and files), which creates an attack surface for indirect prompt injection. However, the skill does not possess high-risk capabilities like local shell access or file writing that would allow such an injection to compromise the host system.
  • Ingestion points: materialText, materialUrl, and materialFile in references/form-schema.json.
  • Boundary markers: None identified in the provided instructions.
  • Capability inventory: Network communication via scripts/run.py to the vendor's API.
  • Sanitization: No specific input sanitization steps are documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:59 AM
Security Audit — agent-trust-hub — brand-voice-review