news
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing content from external news websites.
- Ingestion points: External news content is ingested into the agent context via the
browser_usetool from several news domains. - Boundary markers: Absent. There are no explicit instructions to use delimiters or ignore instructions found within the fetched news content.
- Capability inventory: The skill utilizes the
browser_usetool to interact with web pages and extract content. - Sanitization: Absent. The agent extracts and summarizes content directly from the raw snapshots without validation.
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to fetch data from external URLs for news aggregation.
- The skill references several established news outlets including People's Daily, China News, and CGTN.
- One source, China Economic Net (
http://www.ce.cn/), uses an unencrypted HTTP connection.
Audit Metadata