daily-news-report
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from a predefined list of well-known technology and productivity websites, such as Hacker News, HuggingFace, and Product Hunt. These operations are essential to the skill's primary function of news aggregation.
- [COMMAND_EXECUTION]: The skill utilizes specific shell commands including
Bash(mkdir*),Bash(date*), andBash(ls*). These are used for standard maintenance tasks like creating output directories and managing filenames, and they are appropriately restricted by command whitelisting. - [PROMPT_INJECTION]: As a web scraper, the skill is susceptible to indirect prompt injection where malicious text on an external website could attempt to influence the report's content. However, the skill implements structured output requirements and stateless sub-agent prompts to mitigate the risk of these instructions affecting the agent's core behavior.
- Ingestion points: Fetches untrusted data via
WebFetchandmcp__chrome-devtoolsfrom external URLs defined insources.json. - Boundary markers: Employs structured JSON output schemas and explicit "stateless execution unit" prompts for sub-agents.
- Capability inventory: Possesses permissions to read and write files and execute limited, whitelisted shell commands.
- Sanitization: No explicit automated sanitization of external HTML/text content is performed before LLM processing, though the agent is instructed to filter based on quality scores.
Audit Metadata