topic-collector
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted content from social media platforms (Twitter/X, Reddit) and community sites (Hacker News) via web search. This creates a surface where malicious instructions embedded in public posts could influence the AI's output or behavior.
  1. Ingestion points: Content retrieved from Twitter/X, Reddit, Hacker News, and various blogs (SKILL.md).
  2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when processing search results.
  3. Capability inventory: Restricted to the WebSearch tool; no file system write or subprocess capabilities are defined in the skill file.
  4. Sanitization: No content filtering or validation of retrieved data is performed.
- No Code (SAFE): The skill consists entirely of markdown instructions for the AI agent and does not include any executable scripts (such as Python or Node.js), which significantly reduces the direct attack surface.