churn-prevention

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits user-provided parameters and an API key to the vendor's authorized API endpoint at https://ai-skills.ai. This communication is necessary for the skill's primary function of data analysis.
  • [COMMAND_EXECUTION]: A Python runner script (scripts/run.py) is included to facilitate communication with the remote service. The script performs standard network operations and does not exhibit malicious system-level behavior.
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external data, which introduces a surface for indirect prompt injection.
  • Ingestion points: Processes data from the materialText, materialFile, and materialUrl fields defined in references/form-schema.json.
  • Boundary markers: No explicit delimiters or boundary markers are defined in the skill's local configuration.
  • Capability inventory: The skill's primary capability is network communication with the ai-skills.ai domain via the included Python script.
  • Sanitization: Input data is passed directly to the vendor's processing service without additional client-side filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:58 AM
Security Audit — agent-trust-hub — churn-prevention