policy-execution-checklist-generator

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted external data.
  • Ingestion points: The skill accepts user-provided text, uploaded files, and external URLs via the policyRuleText, policyDocumentFile, and policyReferenceLink parameters.
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands were found in the skill's prompt logic.
  • Capability inventory: The skill communicates with a remote API (https://ai-skills.ai) to process data and return results.
  • Sanitization: No input sanitization or validation logic is present in the provided scripts to filter malicious instructions within the analyzed documents.
  • [DATA_EXFILTRATION]: The skill transmits user-provided data to an external service.
  • Evidence: The scripts/run.py script sends user parameters and the AISKILLS_API_KEY to https://ai-skills.ai/api/execute via an HTTP POST request.
  • Context: This is the intended behavior of the skill, as it acts as a client for the AI Skills platform owned by the vendor.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — policy-execution-checklist-generator