rss-automation
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs legitimate RSS feed aggregation and monitoring tasks.
- [EXTERNAL_DOWNLOADS]: Fetches content from external RSS/Atom feeds (e.g., Hacker News, TechCrunch) using the feedparser library. These are well-known services and the functionality is central to the skill's purpose.
- [PROMPT_INJECTION]: The skill processes data from external URLs which represents an indirect prompt injection surface.
  1. Ingestion points: Untrusted data is fetched from feed URLs via feedparser.parse() in SKILL.md.
  2. Boundary markers: No explicit boundary markers or instructions for the agent to ignore embedded content are provided.
  3. Capability inventory: The skill writes state information to ~/.openclaw/rss-seen.json but does not possess dangerous capabilities like shell command execution or network exfiltration.
  4. Sanitization: No content sanitization is performed on feed entry titles or links.