copywriting
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill communicates with its official backend at
ai-skills.aiusing a standard Python runner script. No unauthorized network operations or communication with suspicious domains were detected. - [SAFE]: Secret management is handled correctly by requiring the
AISKILLS_API_KEYto be provided via environment variables, rather than being hardcoded in the skill files. - [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill is designed to ingest and analyze untrusted data provided via URLs, file uploads, and text snippets.
- Ingestion points:
materialUrl,materialFile, andmaterialTextparameters defined inreferences/form-schema.json. - Boundary markers: None identified in the provided skill instructions or schema.
- Capability inventory: The skill performs network requests to the AI Skills API via
scripts/run.py. - Sanitization: No client-side input validation or escaping is present in the runner script.
Audit Metadata