uapi-post-text-aes-encrypt

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits user-provided data, including plaintext and encryption keys, to an external domain that is not recognized as a trusted or well-known service.
  • Evidence: Found in SKILL.md and references/operations/post-text-aes-encrypt.md.
  • Details: The operation post-text-aes-encrypt targets https://uapis.cn/api/v1/text/aes/encrypt. The request body includes sensitive fields 'text' and 'key'. Since uapis.cn is a third-party service, any sensitive data provided by the user is exposed to the service provider.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from an external API response.
  • Ingestion points: API response content from the uapis.cn endpoint.
  • Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are used when the agent processes the API output.
  • Capability inventory: The agent is instructed to call the API and use the response to fulfill the user's request. No file system or subprocess capabilities are utilized.
  • Sanitization: There is no evidence of sanitization, validation, or escaping of the content returned by the external API before it is presented or used by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 06:42 AM
Security Audit — agent-trust-hub — uapi-post-text-aes-encrypt