project-aeo-monitoring-tools
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Includes a standard curl example for validating API access to Perplexity AI. This is used for connectivity testing and follows developer best practices.
- [EXTERNAL_DOWNLOADS]: References official, well-known API endpoints for Perplexity AI (api.perplexity.ai). These connections are necessary for the skill's primary function of data monitoring.
- [PROMPT_INJECTION]: Documentation describes an architecture that ingests untrusted data from AI responses (Ingestion points: API responses in SKILL.md). The design lacks explicit boundary markers or sanitization logic for this external content (Boundary markers/Sanitization: absent). The proposed system includes capabilities like citation extraction and analysis layers (Capability inventory: Analysis Layer in SKILL.md), which creates a surface for indirect prompt injection if the data is processed by downstream AI components.
Audit Metadata