gate-news-eventexplain
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a pure informational workflow that uses read-only tools to fetch public market data and news.
- [DATA_EXFILTRATION]: No sensitive data access or external exfiltration patterns were detected. All network operations are limited to the provided MCP tools for retrieving information.
- [REMOTE_CODE_EXECUTION]: No evidence of remote code downloads, script execution, or package installation was found.
- [PROMPT_INJECTION]: No direct prompt injection, jailbreak attempts, or system prompt extraction patterns were identified in the instructions or scenarios. Regarding Indirect Prompt Injection vulnerability surfaces: Ingestion points: Untrusted data is ingested via news_events_get_latest_events, news_events_get_event_detail, and news_feed_search_news in SKILL.md; Boundary markers: Explicit boundary markers or warnings to ignore embedded instructions are absent in the report templates; Capability inventory: All tools are read-only; no subprocess calls, exec/eval, file-write, or arbitrary network operations are present across any scripts; Sanitization: No sanitization or filtering of external content is documented.
- [COMMAND_EXECUTION]: The skill does not use any shell commands or system-level calls that could lead to privilege escalation or persistence.
Audit Metadata