live-commerce-script-compliance-review

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user-provided content through its parameters and file uploads.
  • Ingestion points: External data enters the context via the liveTalkText (text input) and liveTalkFile (file uploads) parameters, as defined in SKILL.md and references/form-schema.json.
  • Boundary markers: The skill does not explicitly define delimiters or provide specific instructions for the agent to ignore potentially malicious embedded instructions within the user-supplied content.
  • Capability inventory: The skill executes network requests to the vendor's API endpoint (https://ai-skills.ai/api/execute) via the scripts/run.py script.
  • Sanitization: There is no evidence of input validation or sanitization in the provided local scripts; the skill relies on the remote API for safe processing.
  • [EXTERNAL_DOWNLOADS]: The skill's runner script (scripts/run.py) performs network operations to interact with an external API at https://ai-skills.ai. This is documented behavior that connects to the developer's infrastructure to fulfill the skill's primary purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — live-commerce-script-compliance-review