weibo-hot
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill fetches data from an external website (weibo.com). If the trending topics themselves contain malicious instructions, the agent could potentially be influenced. Evidence: (1) Ingestion points: Data is fetched from https://s.weibo.com/top/summary in scripts/get_hot.py. (2) Boundary markers: Absent. (3) Capability inventory: The script prints titles and hot values to standard output. (4) Sanitization: None; the content is parsed and printed directly.
- [Safe Behavior] (SAFE): The network operations are limited to the target scraping site and use standard headers. No credentials or sensitive local files are accessed.
Audit Metadata