aicoin-news-content
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes news content from external sources.
- Ingestion points: Article text, headlines, and flash updates are fetched from aicoin.com endpoints via
scripts/news.mjs. - Boundary markers: No specific delimiters or instructions are used to prevent the agent from interpreting fetched news text as commands.
- Capability inventory: The script performs network GET requests; the risk involves the agent potentially following instructions embedded in news summaries using its broader set of capabilities.
- Sanitization: The script does not perform any validation or sanitization of the retrieved text content before returning it to the agent context.
- [DATA_EXFILTRATION]: The skill uses environment variables
AICOIN_ACCESS_KEY_IDandAICOIN_ACCESS_SECRETto authenticate with the vendor's API. This is standard behavior for the intended functionality and follows security best practices for credential management.
Audit Metadata