hn-top10
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The Python script
scripts/hn_top10.pymakes a network request tohttps://news.ycombinator.com/to retrieve the current front-page stories. This targets a well-known service and is necessary for the skill's stated purpose. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes external content from the internet.
- Ingestion points: Untrusted story titles and links are fetched from the Hacker News homepage in
scripts/hn_top10.py. - Boundary markers: Delimiters are present in the form of a structured summary template in
SKILL.mdto help the agent maintain context and separate fetched data from instructions. - Capability inventory: The skill performs network GET requests and has the ability to write files to the local filesystem.
- Sanitization: The script uses standard JSON and CSV libraries for output formatting, which provides basic escaping, though it does not explicitly filter the fetched text for potential prompt injection markers.
Audit Metadata