content-material-audit

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a utility script scripts/run.py intended to facilitate communication with the back-end API. This script handles parameter loading, API authentication via environment variables, and result polling.
  • [EXTERNAL_DOWNLOADS]: The runner script makes network requests to https://ai-skills.ai/api/execute. This is the intended behavior of the skill to process content through its service infrastructure.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core function of processing untrusted external content.
  • Ingestion points: Untrusted data enters the context via the materialText, materialFile, and materialUrl parameters as defined in references/form-schema.json.
  • Boundary markers: The instructions do not define clear delimiters or warnings to the model to ignore embedded instructions within the audited materials.
  • Capability inventory: The skill's primary capability is executing the scripts/run.py script to perform network operations and process content.
  • Sanitization: The runner script forwards user-provided parameters to the API without performing sanitization or filtering of the content within the materials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:58 AM
Security Audit — agent-trust-hub — content-material-audit