supplier-delivery-risk-summary
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted data from suppliers. \n
- Ingestion points: The skill accepts unstructured text (
supplierDeliveryText), files (deliveryDataFile), and external URLs (supplierPortalLink) as specified inreferences/form-schema.json. \n - Boundary markers: There are no explicit markers or instructions within the provided files to delineate user data or instruct the model to ignore embedded commands. \n
- Capability inventory: The execution script
scripts/run.pyis limited to making API requests to the vendor's domain (https://ai-skills.ai) and does not perform sensitive local operations such as writing to the filesystem or executing shell commands based on the API response. \n - Sanitization: No local sanitization of input data is observed before transmission to the processing API. \n- [DATA_EXFILTRATION]: The skill transmits data to the vendor's API endpoint. This communication is required for the skill to function and is directed to the vendor's infrastructure (
ai-skills.ai). \n- [EXTERNAL_DOWNLOADS]: The Python runner script includes an optional dependency on thecertifipackage to ensure secure HTTPS connections, which is a recommended security practice.
Audit Metadata