zsxq-summary

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Malicious instructions embedded in Knowledge Planet posts or PDF files could potentially influence the agent's behavior.
      • Ingestion points: The skill fetches post content and PDF text from api.zsxq.com via fetch_topics.js.
      • Boundary markers: No delimiters or safety instructions are used when interpolating external content into the AI prompt in SKILL.md.
      • Capability inventory: The skill executes local commands and makes network requests to fetch data.
      • Sanitization: The skill does not sanitize or filter the content retrieved from Knowledge Planet before passing it to the model.
  • [COMMAND_EXECUTION]: The skill performs command execution to run its data fetching logic.
      • Evidence: SKILL.md instructs the agent to run node fetch_topics.js and bash install.sh.
  • [EXTERNAL_DOWNLOADS]: The skill downloads external data to fulfill its primary purpose.
      • Evidence: fetch_topics.js fetches JSON data and PDF files from api.zsxq.com. As this is a well-known service related to the skill's purpose, this is documented neutrally.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 09:31 AM