skills/aster110/mycc/collect/Gen Agent Trust Hub

collect

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection due to the ingestion and processing of untrusted external data.
      • Ingestion points: External content fetched from RSS feeds, GitHub project descriptions, and social media trends via the 'newsnow' API.
      • Boundary markers: Absent; prompt templates in the analysis/ directory do not include delimiters or specific instructions to ignore malicious commands embedded in the data being analyzed.
      • Capability inventory: Fetched data is processed by LLM sub-agents, aggregated by a 'synthesizer' agent, and finally sent to a messaging platform (Feishu) using the tell-me skill.
      • Sanitization: The stripHTML function in fetcher.mjs removes HTML tags but does not filter out plain-text malicious instructions.
  • [EXTERNAL_DOWNLOADS]: The skill regularly fetches data from several external domains including github.com, various RSS endpoints (techcrunch.com, ruanyifeng.com, etc.), and a third-party aggregator at newsnow.busiyi.world.
  • [COMMAND_EXECUTION]: Employs shell commands and sub-processes to perform its tasks.
      • scripts/collect.mjs uses child_process.spawn to run individual collector scripts.
      • scripts/collectors/gh-trending.mjs uses execSync to run curl for bypassing standard fetch limitations on GitHub.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 09:16 PM