search-product
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is configured to communicate with 'real-time-amazon-data.p.rapidapi.com'. This is a well-known API provider and the connection is necessary for the skill's primary function of retrieving Amazon product data.- [CREDENTIALS_UNSAFE]: The skill uses a slot-based system ('amazon-rapidapi-key') for handling authentication. This is a secure approach that avoids hardcoding secrets directly in the source code.- [INDIRECT_PROMPT_INJECTION]: The skill handles untrusted data through user-provided search queries.
- Ingestion points: 'skill-router.json' (query input).
- Boundary markers: None explicitly defined in the prompt template.
- Capability inventory: Performs network GET requests to an external API.
- Sanitization: No explicit input sanitization is performed on the query before transmission to the API.
Audit Metadata