critique

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits user input (including project descriptions, URLs, and file references) along with a user-provided API key to the vendor's server at https://ai-skills.ai/api/execute. This communication is documented as the core mechanism for processing the business diagnosis and is limited to the vendor's own infrastructure.
  • [COMMAND_EXECUTION]: A Python script (scripts/run.py) is provided to handle the skill's execution. This script manages authentication via environment variables, constructs requests to the API, and handles asynchronous polling for results. The script's logic is transparent and focused solely on API interaction.
  • [PROMPT_INJECTION]: The skill ingests data from external sources provided via the materialUrl, materialFile, and materialText parameters, which creates an indirect prompt injection surface.
  • Ingestion points: User-supplied URLs, uploaded files, and pasted text as defined in SKILL.md and references/form-schema.json.
  • Boundary markers: None explicitly defined in the provided instruction set.
  • Capability inventory: The skill uses the Python runner script to send this ingested data to the external API.
  • Sanitization: No client-side validation or filtering of the content within these parameters is implemented before transmission to the API.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — critique