interhuman-post-processing
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- Data Exfiltration (LOW): The skill is designed to send local files to an external third-party API endpoint at api.interhuman.ai.
  - Evidence: The provided Python, cURL, and Node.js examples explicitly show the transmission of file data to an external domain that is not on the trusted whitelist.
- Indirect Prompt Injection (MEDIUM): The skill provides a high-fidelity injection surface by ingesting external data and explicitly forbidding any sanitization or interpretation by the agent.
  - Ingestion points: The JSON response returned from https://api.interhuman.ai/v0/upload/analyze is processed as data.
  - Boundary markers: No delimiters or safety instructions are provided to separate the external API response from the agent's internal instructions.
  - Capability inventory: The skill utilizes network POST operations to retrieve external content which is then fed directly back into the LLM context.
  - Sanitization: The skill's 'Output Rules' explicitly prohibit any form of sanitization, modification, or filtering of the external data ('Return the exact JSON response... without any modification'), making the agent vulnerable if the external API returns malicious instructional text.
Audit Metadata