rss-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches RSS and Atom feeds from external URLs using the 'feedparser' library. This is a core part of its intended functionality.- [DATA_EXFILTRATION]: The skill records IDs of seen items in a local JSON file located at '~/.openclaw/rss-seen.json'. This is standard behavior for a stateful monitoring tool and does not involve exfiltration of sensitive information.- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes untrusted external content from RSS feeds. Ingestion points: Feed content ingested via 'feedparser.parse()'. Boundary markers: None present. Capability inventory: Writing state to a local file. Sanitization: No explicit sanitization of entry titles or links is shown in the provided snippets. This risk is inherent to any tool that aggregates content from the web for further processing.
Audit Metadata