sports-reporter
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute multiple subcommands of the 'sports-skills' CLI tool (e.g., get_scoreboard, get_standings, get_player_stats) to collect data for various sports modules.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'sports-skills' package, which can be fetched from PyPI or the author's official GitHub repository (github.com/machina-sports/sports-skills.git). These are legitimate vendor resources and are documented for installation and troubleshooting purposes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes data from external sports providers to generate narrative content.
  - Ingestion points: Data enters the system context through the standard output of the 'sports-skills' CLI tool during the data collection phase described in SKILL.md.
  - Boundary markers: The article templates in references/article-templates.md do not utilize specific delimiters or instructions to ignore potential commands embedded in the sports data.
  - Capability inventory: The skill's primary capability is the execution of CLI tools and the generation of text; it does not explicitly request file-write or unauthorized network access, though it depends on the 'sports-skills' package.
  - Sanitization: There is no evidence of data sanitization, escaping, or schema validation for the external content before it is interpolated into the final journalistic output.
Audit Metadata