douyin-sentiment-dashboard

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: Transmits user-provided Douyin video links and authentication tokens to the service at ai-skills.ai. This is the intended behavior of the skill and is fully disclosed in the security metadata within SKILL.md.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through the processing of external video comments, which could contain instructions designed to manipulate the agent.
      • Ingestion points: scripts/run.py receives analyzed comment data from the ai-skills.ai API.
      • Boundary markers: No specific boundary markers or 'ignore' instructions are used to delimit the external data.
      • Capability inventory: The skill is limited to performing network requests to its own backend via urllib.request in scripts/run.py.
      • Sanitization: No sanitization of the comment content is performed in the local execution script.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 08:58 AM