News
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process and summarize external news content, creating a surface for indirect prompt injection where malicious instructions could be embedded in news articles.\n
- Ingestion points: Processes external news articles and briefings fetched from sources specified in the user's local memory or via external scraping tools as defined in the Core Rules of SKILL.md.\n
- Boundary markers: The skill lacks explicit instructions to wrap external content in delimiters or to disregard embedded instructions within the ingested news data.\n
- Capability inventory: The skill is authorized to read and write profile, history, and source information within the user's
~/news/directory.\n - Sanitization: No specific sanitization, filtering, or validation of the ingested news content is specified in the instruction set.\n- [NO_CODE]: The skill consists exclusively of markdown instructions and metadata. It does not contain any scripts, binaries, or direct shell command execution logic.
Audit Metadata