last30days
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs local Python scripts to perform data analysis and provides commands for the user to initialize local configuration files.
- [EXTERNAL_DOWNLOADS]: The skill communicates with well-known third-party APIs (OpenAI and xAI) and retrieves data directly from Reddit threads to populate its research reports.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core function of processing untrusted content from social media and the web. Ingestion points: Untrusted data is retrieved from social media APIs and web searches via scripts/lib/openai_reddit.py, scripts/lib/xai_x.py, and scripts/lib/websearch.py. Boundary markers: The agent is instructed to ground its synthesis in the research, but there are no explicit delimiters used to isolate untrusted content from the system prompt. Capability inventory: The skill can write output and context files to the user's local directory (~/.local/share/last30days/out/). Sanitization: The skill performs basic truncation of retrieved text but does not implement robust sanitization to prevent the interpretation of embedded instructions.
Audit Metadata