last30days
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external social media and web sources.
  - Ingestion points: Untrusted content is ingested through scripts/lib/openai_reddit.py, scripts/lib/xai_x.py, and scripts/lib/websearch.py.
  - Boundary markers: The skill instructions do not mandate the use of delimiters or explicit "ignore instructions" warnings for the AI when it synthesizes the research results.
  - Capability inventory: The skill has the capability to make network requests (scripts/lib/http.py) and write files to the local system (scripts/lib/render.py).
  - Sanitization: The skill performs data cleaning, including text truncation and date validation, in scripts/lib/normalize.py.
- [COMMAND_EXECUTION]: The skill executes the local Python script scripts/last30days.py to perform its research and processing tasks.
- [DATA_EXFILTRATION]: The skill performs network requests to well-known and established services, including the OpenAI, xAI, and Reddit APIs, to fetch content relevant to the research topic.
- [SAFE]: The skill demonstrates good security hygiene by instructing the user to apply restrictive file permissions (chmod 600) to the configuration file containing API keys.
Audit Metadata