aie-europe-2026
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches conference data and metadata from the official vendor domain ai.engineer and references the vendor's CLI tool @aidotengineer/aie. These are documented as vendor-owned resources.
- [DATA_EXFILTRATION]: Network operations target the vendor's own domain and well-known services such as googleapis.com for vector embedding generation. No suspicious or unauthorized exfiltration paths were detected.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests conference session titles, speaker bios, and talk descriptions, which could contain malicious instructions.
  - Ingestion points: sessions.json, speakers.json, and JSON-RPC results from the MCP server tool calls.
  - Boundary markers: None are specified in the provided implementation examples or tool definitions.
  - Capability inventory: Includes network requests via multiple libraries (fetch, requests, curl) and the ability to execute the vendor's CLI tool via npx.
  - Sanitization: Data is retrieved and parsed using standard JSON decoders without specific filtering for instruction injection or jailbreak patterns.
Audit Metadata