Skills
skills/shadowcz007/skills/solo-scope/Gen Agent Trust Hub

solo-scope

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests and processes untrusted data from an external RSS feed without sufficient boundary markers or sanitization.
  • Ingestion points: The skill fetches data from https://www.mixdao.world/feed as defined in SKILL.md.
  • Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings to prevent the agent from executing instructions embedded within the RSS item titles or descriptions.
  • Capability inventory: The agent uses curl for network reads and generates Markdown output for the user.
  • Sanitization: Absent. There is no logic to escape or validate the content retrieved from the external source before it is processed by the LLM.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to an external domain to retrieve data.
  • Evidence: Uses curl -s -L -H "Accept: application/rss+xml" "https://www.mixdao.world/feed" to pull the RSS feed.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a shell command (curl) to perform its primary function.
  • Evidence: The workflow explicitly directs the agent to use curl or similar tools to fetch the XML data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 07:32 PM