newsblur-cli
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing untrusted data from external RSS feeds and news stories.
  - Ingestion points: Commands such as `newsblur stories list` and `newsblur briefing` fetch external content into the agent's context.
  - Boundary markers: There are no explicit delimiters provided to separate news content from instructions.
  - Capability inventory: The agent can execute shell commands through the newsblur-cli tool.
  - Sanitization: No sanitization of the fetched news content is described.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the newsblur-cli Python package. This is a legitimate dependency for the tool's functionality.
Audit Metadata