crawl-xueqiu-my-timeline

Warn

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the agent-browser package globally using npm from a third-party mirror and executes the mdpdf package via bunx from external registries.
  • [REMOTE_CODE_EXECUTION]: The script crawl_xueqiu_home_timeline_api.py utilizes an automated browser to evaluate and execute arbitrary JavaScript code via the fetch API to retrieve timeline data from Xueqiu.
  • [COMMAND_EXECUTION]: The skill executes multiple shell scripts to manage system processes (using pkill and pgrep), install software via brew and npm, and configure browser debugging ports.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted posts from social media and passes them to AI subagents for summarization and analysis.
      • Ingestion points: Xueqiu timeline data retrieved in crawl_xueqiu_home_timeline_api.py and saved to local Markdown files.
      • Boundary markers: Absent; the instructions rely on simple line prefix checks (e.g., // or >) which are insufficient to prevent adversarial instructions embedded in the content.
      • Capability inventory: The agent has the ability to execute system commands, write to the filesystem, and spawn multiple subagents.
      • Sanitization: Only basic HTML tag removal is performed, leaving the content unvetted for malicious prompt segments that could influence subagent behavior.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 20, 2026, 05:27 AM