policy-execution-checklist-generator
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted external data.
- Ingestion points: The skill accepts user-provided text, uploaded files, and external URLs via the
policyRuleText,policyDocumentFile, andpolicyReferenceLinkparameters. - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands were found in the skill's prompt logic.
- Capability inventory: The skill communicates with a remote API (
https://ai-skills.ai) to process data and return results. - Sanitization: No input sanitization or validation logic is present in the provided scripts to filter malicious instructions within the analyzed documents.
- [DATA_EXFILTRATION]: The skill transmits user-provided data to an external service.
- Evidence: The
scripts/run.pyscript sends user parameters and theAISKILLS_API_KEYtohttps://ai-skills.ai/api/executevia an HTTP POST request. - Context: This is the intended behavior of the skill, as it acts as a client for the AI Skills platform owned by the vendor.
Audit Metadata