ad-angle-miner
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (scrape_reviews.py, scrape_reddit.py, and scrape_twitter.py) to perform its data gathering tasks. These are defined within a sub-skill architecture and used for their primary intended purpose.\n- [PROMPT_INJECTION]: The skill is a surface for indirect prompt injection because it ingests and processes data from external sources like Reddit, Twitter, and review sites.\n
- Ingestion points: Text and JSON data from G2, Capterra, Reddit, and Twitter.\n
- Boundary markers: None explicitly mentioned in the extraction framework instructions.\n
- Capability inventory: The skill has permissions to execute local scripts and write output files to the local directory structure.\n
- Sanitization: No specific sanitization or filtering logic is described for the external content before it is analyzed by the LLM.
Audit Metadata