trend-spotter
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches search trends and RSS feeds from Google (trends.google.com), repository data from the GitHub API (api.github.com), and news items from the Hacker News API (hacker-news.firebaseio.com). These sources are recognized as trusted services.
- [COMMAND_EXECUTION]: Uses
curlto retrieve remote data and pipes the output to local Python one-liners. This pattern is used for data processing and does not execute remote code. - [INDIRECT_PROMPT_INJECTION]: The skill processes external information such as news titles and repository descriptions. This content enters the agent context via API ingestion points. No explicit boundary markers are present. However, the capability inventory is restricted to data parsing and report generation using safe libraries (json, xml.etree.ElementTree), and the content is not passed to dangerous sinks.
Audit Metadata