Skills
skills/browser-act/skills/google-news-api-skill/Gen Agent Trust Hub

google-news-api-skill

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [DATA_EXFILTRATION]: The script sends search terms and a vendor API key to api.browseract.com. This is legitimate communication with the official endpoint for the BrowserAct service and is required for functionality.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8).
  • Ingestion points: The script 'scripts/google_news_api.py' fetches news headlines, sources, and links from the Google News API.
  • Boundary markers: No delimiters or warnings are present to instruct the agent to ignore instructions embedded in the news content.
  • Capability inventory: The skill has network access via the 'requests' library in 'scripts/google_news_api.py'.
  • Sanitization: No sanitization or filtering of the retrieved news content is performed before it is output to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 06:28 PM