news-sentiment
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from well-known platforms including Sina Finance (
vip.stock.finance.sina.com.cn), Twitter, and Reddit via thesnscrapeandrequestslibraries. These operations are core to the skill's stated purpose of news and sentiment retrieval. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external web sources which could potentially contain malicious instructions intended for an LLM.
- Ingestion points: Data enters the system in
scripts/news.pyviasearch_news(Sina Finance) andsearch_social(Twitter/Reddit) functions. - Boundary markers: The output is structured as JSON, but there are no specific markers or instructions to the agent to ignore embedded commands in the scraped text.
- Capability inventory: The skill itself has no capabilities for command execution or file system writes; it only outputs JSON data to the standard output.
- Sanitization: The script uses
BeautifulSoupto extract text from HTML and filters out script/style tags, providing basic sanitization of the input content.
Audit Metadata