product-validator
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs network operations to vendor-specific proxy endpoints (nexscope-ai.com) to retrieve product market data. This aligns with the author context and the skill's primary purpose.
- [COMMAND_EXECUTION]: The skill executes local Python scripts to perform numerical analysis and generate visualization charts. These scripts use standard libraries like matplotlib and statistics.
- [PROMPT_INJECTION]: The skill processes data from external sources (API responses for product titles and categories), which represents a standard surface for indirect prompt injection. However, the data is primarily used for deterministic scoring and image generation rather than being directly interpolated into high-privilege prompt templates.
- [SAFE]: Sensitive information such as API keys are managed through environment variables (NEXSCOPE_API_KEY), avoiding hardcoded credentials.
Audit Metadata