Skills
skills/shadowcz007/skills/solo-topics/Gen Agent Trust Hub

solo-topics

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the agent executing a local script (scripts/solo-topics.js) via the Node.js runtime to perform all operations, which is the intended method for interacting with the service.
  • [DATA_EXFILTRATION]: The add sub-command in the provided script allows the agent to read any local file path passed as an argument using fs.readFileSync and upload its content to www.mixdao.world. There is no validation to ensure only Markdown files are read, creating a potential vector for the exfiltration of sensitive files like .env or SSH keys if the agent is manipulated by a user or malicious data.
  • [PROMPT_INJECTION]: The skill exhibits a significant indirect prompt injection surface. It fetches data from an external API (/api/topics and /api/topics/{id}/articles) and presents it to the agent without sanitization or protective boundary markers. Specifically, the reportPrompt and keywords fields in topics, as well as the article content, are processed by the agent and could contain malicious instructions designed to hijack the conversation or trigger unintended tool usage.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 07:33 PM