news
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Detected a vulnerability surface for Indirect Prompt Injection (Category 8).
  - Ingestion points: External news data is retrieved from Twitter and RSS feeds in index.ts via the createNewsFeed function.
  - Boundary markers: The output is formatted with markdown bolding but lacks explicit delimiters or instructions to the agent to ignore embedded commands.
  - Capability inventory: Analysis confirms no high-risk capabilities like exec, eval, file-system writes, or outbound network POST requests are present in the skill scripts.
  - Sanitization: External news content is used directly in the output without specific filtering or sanitization.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded credentials were found. The skill correctly uses environment variables (X_BEARER_TOKEN, TWITTER_BEARER_TOKEN) to manage API access.
- [REMOTE_CODE_EXECUTION] (SAFE): No patterns for remote code execution, dynamic package installation, or runtime code generation were detected.