last30days
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core function of ingesting and processing untrusted data from social media and the web.
  - Ingestion points: External data from Reddit threads, X posts, and various web pages is loaded into the agent's context through search results processed in `scripts/lib/openai_reddit.py`, `scripts/lib/xai_x.py`, and `scripts/lib/websearch.py`.
  - Boundary markers: There are no explicit delimiters or strict "ignore embedded instructions" warnings provided for the research content before it is processed by the "Judge Agent" instructions in `SKILL.md`.
  - Capability inventory: The skill is capable of executing local Python scripts, making network requests via `urllib.request`, and writing output files to `~/.local/share/last30days/out`.
  - Sanitization: While the skill performs date-based filtering and normalization, it does not sanitize the text content of fetched posts or pages for potential instruction injection.
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to well-known and trusted services, including the OpenAI and xAI APIs for discovery and Reddit for thread enrichment.
- [COMMAND_EXECUTION]: Executes the skill's own internal logic via `python3 ./scripts/last30days.py` to handle data normalization, scoring, and output generation.
Audit Metadata