ai-news
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted external content (RSS feed items and video transcripts) to be summarized by the agent, creating a surface for indirect prompt injection.\n
- Ingestion points:
scripts/fetch-news.ts(RSS/Atom feeds) andscripts/fetch-transcript.ts(YouTube transcripts).\n - Boundary markers: None are explicitly defined in the instructions to separate external content from agent instructions.\n
- Capability inventory: The scripts are restricted to network GET requests and local stdout; no dangerous system capabilities like file-write or shell-execution are exposed to the processed data.\n
- Sanitization: Includes basic HTML stripping and character entity decoding on fetched content.\n- [EXTERNAL_DOWNLOADS]: Fetches AI news updates and YouTube metadata from well-known technology organizations and reputable media outlets including Hugging Face, OpenAI, Anthropic, Google DeepMind, VentureBeat, and The Verge.
Audit Metadata