pharma-visit-material-compliance-review
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive review of the skill's scripts and instructions across all threat categories revealed no malicious patterns or security risks. The skill functions as intended by the vendor.
- [PROMPT_INJECTION]: The skill exhibits an inherent attack surface for indirect prompt injection, as its primary purpose is to process external materials that may be attacker-controlled.
- Ingestion points: Data enters the system via file uploads (
pharmaVisitMaterialFile), public URLs (pharmaVisitMaterialLink), and pasted text (pharmaVisitMaterialText) as defined inreferences/form-schema.json. - Boundary markers: The configuration does not explicitly define delimiters for user content, which is typical for skills that act as API wrappers where filtering often occurs on the server side.
- Capability inventory: The local runner script (
scripts/run.py) is restricted to performing network requests to the authorized vendor domain (ai-skills.ai). It lacks capabilities for subprocess execution, arbitrary file system writes, or establishing persistence. - Sanitization: No client-side sanitization of the input materials was observed; the skill relies on the downstream safety protocols of the processing API.
Audit Metadata