churn-prevention
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits user-provided parameters and an API key to the vendor's authorized API endpoint at
https://ai-skills.ai. This communication is necessary for the skill's primary function of data analysis. - [COMMAND_EXECUTION]: A Python runner script (
scripts/run.py) is included to facilitate communication with the remote service. The script performs standard network operations and does not exhibit malicious system-level behavior. - [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external data, which introduces a surface for indirect prompt injection.
- Ingestion points: Processes data from the
materialText,materialFile, andmaterialUrlfields defined inreferences/form-schema.json. - Boundary markers: No explicit delimiters or boundary markers are defined in the skill's local configuration.
- Capability inventory: The skill's primary capability is network communication with the
ai-skills.aidomain via the included Python script. - Sanitization: Input data is passed directly to the vendor's processing service without additional client-side filtering.
Audit Metadata