news
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill allows the agent to use curl or wget to fetch content if standard web search tools fail. While intended for news gathering, direct command-line utility usage can be a surface for misuse if not properly constrained.
- [PROMPT_INJECTION] (LOW): Vulnerable to Indirect Prompt Injection (Category 8) due to its data processing nature.
  - Ingestion points: External web content fetched via search tools or command-line utilities (curl/wget).
  - Boundary markers: Absent. The instructions do not define clear delimiters or instruct the agent to ignore instructions embedded within the fetched news content.
  - Capability inventory: Access to system-level commands (curl, wget) used to retrieve data from arbitrary URLs.
  - Sanitization: Absent. There is no logic provided to sanitize or filter the content retrieved from external sources before the agent processes it.
Audit Metadata