ai-news-fetcher
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill ingests untrusted data from the public internet via the Tavily MCP tool, which can be manipulated by third parties to include malicious instructions.
  - Ingestion points: Web search results and news content fetched via Tavily.
  - Boundary markers: None specified; there are no instructions to the agent to treat fetched content as data rather than instructions.
  - Capability inventory: The agent is instructed to generate bilingual markdown articles, meaning the untrusted data directly influences the agent's writing and reasoning output.
  - Sanitization: No sanitization, filtering, or validation of the fetched web content is mentioned or implemented in the skill metadata.