public-company-due-diligence-summary

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted data from several ingestion points.
  • Ingestion points: The skill accepts data via disclosureFile (file uploads), companyDisclosureLink (external URLs), and companyDisclosureText (user-pasted text) as defined in references/form-schema.json.
  • Boundary markers: There are no explicit instructions or delimiters in the skill configuration to isolate external data or instruct the model to ignore potential malicious prompts embedded within that data.
  • Capability inventory: The scripts/run.py script enables the agent to perform network operations by sending data to a remote API.
  • Sanitization: No sanitization, validation, or escaping logic is implemented for the external content before it is processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The scripts/run.py script performs outbound network requests to https://ai-skills.ai/api/execute to fulfill its core functionality. While this is the intended behavior for interacting with the platform's API, it involves transmitting user-provided data to a remote service.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — public-company-due-diligence-summary