Bluesky Search

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill fetches untrusted content from the Bluesky network, which could contain malicious instructions designed to manipulate the AI agent.
      • Ingestion points: External content is fetched in scripts/search.py from the public.api.bsky.app API.
      • Boundary markers: Absent; search results and post texts are displayed to the agent without explicit delimiters.
      • Capability inventory: Low risk because the skill lacks write or execute capabilities (no subprocess, eval, or file write operations).
      • Sanitization: None; the script relies on standard JSON parsing and simple string formatting.
  • Data Exposure & Exfiltration (LOW): The script initiates network connections to a non-whitelisted domain.
      • Evidence: scripts/search.py makes urllib.request calls to https://public.api.bsky.app, which is not on the predefined list of trusted domains.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 08:30 AM