hacker-news-scraper
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-generated content from Hacker News, creating a surface for indirect prompt injection if interpreted by an agent.
- Ingestion points: scripts/search_hn.py (Algolia API).
- Boundary markers: Absent.
- Capability inventory: Restricted to network reads and stdout writes.
- Sanitization: Absent.
- [EXTERNAL_DOWNLOADS]: The skill uses the 'requests' Python package to fetch data from the Algolia Hacker News API, a well-known service.
Audit Metadata