news-aggregator-skill
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill aggregates news headlines and metadata from multiple external platforms, including Hacker News, GitHub Trending, Product Hunt, Weibo, 36Kr, V2EX, WallStreetCN, and Tencent News.
- [EXTERNAL_DOWNLOADS]: The 'Deep Fetch' functionality downloads and extracts full text content from arbitrary external URLs linked within news feeds to support deeper AI summarization.
- [PROMPT_INJECTION]: The skill exposes the agent to indirect prompt injection by ingesting and processing untrusted article content from the internet.
- Ingestion points: Untrusted data enters the agent context via the
fetch_url_contentfunction inscripts/fetch_news.pywhich retrieves article text from arbitrary URLs. - Boundary markers: Absent. The skill does not use specific delimiters or include instructions for the agent to treat the fetched content as untrusted data.
- Capability inventory: The skill utilizes network access (
requests.get) and the agent is instructed to write the resulting summarized reports to the localreports/directory. - Sanitization: Absent. While the script extracts plain text from HTML and removes scripts/styles, it does not perform any validation or sanitization to detect or neutralize potential prompt injection instructions embedded in the text.
Audit Metadata