marketing-psychology

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill script scripts/run.py is configured to send user-supplied content to the vendor's API at https://ai-skills.ai/api/execute. This network operation is the intended primary function of the skill and uses the vendor's established infrastructure.
  • [EXTERNAL_DOWNLOADS]: The Python runner script includes an optional dependency on the certifi package to ensure secure SSL/TLS communication with the API endpoint.
  • [PROMPT_INJECTION]: As the skill is designed to analyze external marketing content, it naturally has a surface for indirect prompt injection.
  • Ingestion points: Data enters the agent context through the materialUrl, materialFile, and materialText parameters in SKILL.md.
  • Boundary markers: No specific delimiters are used in the provided configuration to isolate untrusted user data from the core instructions.
  • Capability inventory: The skill's primary capability is performing network requests to the vendor's API via the urllib library in scripts/run.py.
  • Sanitization: There is no evidence of pre-processing or validation of the input content within the script before it is sent for analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:59 AM
Security Audit — agent-trust-hub — marketing-psychology