rss-automation
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the 'feedparser' Python library, which is a standard and well-known package for parsing RSS and Atom feeds.
- [PROMPT_INJECTION]: The skill ingests data from external RSS feeds, creating a surface for potential indirect prompt injection. 1. Ingestion points: Feed content is retrieved via 'feedparser.parse' calls as seen in 'SKILL.md'. 2. Boundary markers: No specific delimiters or safety instructions are present in the provided snippets. 3. Capability inventory: The skill uses file-writing capabilities to maintain a persistent state of seen entries in '~/.openclaw/rss-seen.json'. 4. Sanitization: No explicit validation or sanitization of the feed content is demonstrated before processing.
Audit Metadata