Skills
skills/gate/gate-skills/gate-news-intel/Gen Agent Trust Hub

gate-news-intel

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes shell and PowerShell scripts (scripts/update-skill.sh and scripts/update-skill.ps1) designed to update the skill content.
  • The scripts download the latest version of the skill from the author's official GitHub repository (github.com/gate/gate-skills).
  • Update mechanisms include git clone, as well as downloading and expanding ZIP and tar.gz archives.
  • The scripts also perform a version check by fetching the SKILL.md frontmatter from raw.githubusercontent.com.
  • [COMMAND_EXECUTION]: The skill's primary function is to execute gate-cli (v0.5.2) commands to retrieve market intelligence.
  • Authorized commands include search-news, get-latest-events, get-exchange-announcements, search-ugc, and search-x.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from news feeds and social media (UGC, X, Reddit, YouTube), which is a surface for indirect prompt injection.
  • Ingestion points: External data enters via the search-news, search-ugc, and search-x commands.
  • Boundary markers: The instructions do not define specific delimiters or "ignore embedded instructions" markers for the untrusted data.
  • Capability inventory: The agent is restricted to executing gate-cli data-gathering tools.
  • Sanitization: The skill does not specify any sanitization or filtering of the retrieved content before it is presented to the agent for synthesis.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 02:43 PM