hashtag-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): Dependencies (click, requests) are standard, reputable packages sourced from the official Python Package Index (PyPI).
- [DATA_EXFILTRATION] (SAFE): Although the 'requests' library is imported, no network calls are initiated in the code. Analysis and metrics are generated using local simulated dictionaries and random math.
- [COMMAND_EXECUTION] (SAFE): The Python script uses a structured CLI framework (Click) and does not utilize any functions capable of executing arbitrary system commands or dynamic code (e.g., subprocess, eval, or exec).
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill accepts user-defined hashtags and niche strings. Evidence: 1. Ingestion: main.py via command-line arguments. 2. Boundaries: None. 3. Capability: The script only performs string manipulation and printing. 4. Sanitization: Basic validation via Click types. The risk is negligible as the input is only used for local simulation and display.
Audit Metadata