ad-angle-miner
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from external sources such as Reddit threads, Twitter posts, and product reviews. An attacker could embed malicious instructions within these public forums that might influence the agent's behavior during the 'Angle Extraction' phase.
- Ingestion points: The skill reads data from G2, Capterra, Trustpilot, Reddit, Twitter, and user-provided support tickets.
- Boundary markers: No specific delimiters or instructions are provided to the model to ignore potential commands embedded within the mined text.
- Capability inventory: The skill executes shell commands to run scraping scripts (
scrape_reviews.py,scrape_reddit.py, etc.) and writes output to local files. - Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed by the LLM.
- [COMMAND_EXECUTION]: The skill executes several Python scripts located in the
skills/directory to perform data collection. It assumes these external dependencies are present and executable in the environment. - [EXTERNAL_DOWNLOADS]: The skill makes network requests to various third-party platforms (G2, Reddit, Twitter, Apify) to fetch content. While this is the primary purpose of the skill, it involves interaction with external infrastructure and requires an
APIFY_API_TOKEN.
Audit Metadata