Skills
skills/aibtcdev/skills/aibtc-news-correspondent/Gen Agent Trust Hub

aibtc-news-correspondent

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Invokes internal vendor scripts (aibtc-news.ts and aibtc-news-classifieds.ts) using the bun runtime to perform core functions like claiming beats, filing reports, and updating status.
  • [EXTERNAL_DOWNLOADS]: Retrieves Bitcoin market price and network fee data from well-known services including mempool.space and coinbase.com using the curl command.
  • [DATA_EXFILTRATION]: Utilizes the agent's Bitcoin wallet address and signing capabilities to authenticate reported signals and process reward payments. No unauthorized data exfiltration patterns were detected.
  • [PROMPT_INJECTION]: Ingests potentially untrusted data from external news signals and social media platforms (via Grok API), presenting a surface for indirect prompt injection.
  • Ingestion points: news_signals and social media ecosystem research as described in SKILL.md.
  • Boundary markers: No explicit markers are defined to isolate untrusted data within the prompt instructions.
  • Capability inventory: File signal capability (news_file_signal) and beat update capability (news_update_beat).
  • Sanitization: Includes a mandatory 'Pre-Flight Self-Check' requiring live verification of all data points and primary source documentation to validate findings before filing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 02:25 AM