opennews
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches real-time news articles and market signals from the vendor's API at
ai.6551.io. This communication is necessary for the skill's primary functionality. - [COMMAND_EXECUTION]: Utilizes
curlto perform network requests andjqto parse and format JSON data, which are standard utilities for this type of task. - [PROMPT_INJECTION]: The skill processes news headlines and summaries from an external source, creating a surface for indirect prompt injection where malicious content could attempt to influence the agent.
- Ingestion points: Data retrieved from the
/open/news_searchendpoint as described inSKILL.md. - Boundary markers: None; the skill does not use specific markers to delimit untrusted news data from agent instructions.
- Capability inventory: The skill has the ability to execute system commands via the
exectool. - Sanitization: The skill does not implement sanitization or filtering of the incoming news text before it enters the agent's context.
Audit Metadata