supplier-delivery-risk-summary

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted data from suppliers. \n
  • Ingestion points: The skill accepts unstructured text (supplierDeliveryText), files (deliveryDataFile), and external URLs (supplierPortalLink) as specified in references/form-schema.json. \n
  • Boundary markers: There are no explicit markers or instructions within the provided files to delineate user data or instruct the model to ignore embedded commands. \n
  • Capability inventory: The execution script scripts/run.py is limited to making API requests to the vendor's domain (https://ai-skills.ai) and does not perform sensitive local operations such as writing to the filesystem or executing shell commands based on the API response. \n
  • Sanitization: No local sanitization of input data is observed before transmission to the processing API. \n- [DATA_EXFILTRATION]: The skill transmits data to the vendor's API endpoint. This communication is required for the skill to function and is directed to the vendor's infrastructure (ai-skills.ai). \n- [EXTERNAL_DOWNLOADS]: The Python runner script includes an optional dependency on the certifi package to ensure secure HTTPS connections, which is a recommended security practice.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — supplier-delivery-risk-summary