multi-platform-article-rewrite-pack

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a Python script (scripts/run.py) intended for the user to execute. This script acts as a runner to send parameters to the AI Skills API.
  • [EXTERNAL_DOWNLOADS]: The Python runner makes HTTPS requests to https://ai-skills.ai to perform the analysis. This domain is the official platform for the skill as documented in SKILL.md.
  • [DATA_EXPOSURE]: The skill uses an environment variable AISKILLS_API_KEY for API authentication. The script correctly retrieves this from the environment rather than hardcoding credentials.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from multiple sources:
  • Ingestion points: Inputs are accepted via the articleFile (file upload), articleDraftText (text input), and articleSourceLink (external URL) parameters defined in references/form-schema.json.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore instructions embedded within the processed text.
  • Capability inventory: The associated scripts/run.py has network capabilities to communicate with the vendor API.
  • Sanitization: The skill does not appear to perform pre-processing or sanitization on the input data before it is sent to the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:58 AM
Security Audit — agent-trust-hub — multi-platform-article-rewrite-pack