Skills
skills/6551team/opennews-mcp/opennews/Gen Agent Trust Hub

opennews

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes curl and jq to interact with the OpenNews API and process JSON responses as part of its primary functionality.
  • [EXTERNAL_DOWNLOADS]: Fetches real-time financial news data from the vendor's API at https://ai.6551.io.
  • [DATA_EXFILTRATION]: Uses an environment variable OPENNEWS_TOKEN for authentication, which is a secure method for handling API keys.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks common to information retrieval tools. Evidence: 1. Ingestion points: News articles and summaries from the OpenNews API (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Access to exec for data retrieval. 4. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:11 AM