news-aggregator-skill-2

Warn

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to dynamically construct shell commands (e.g., python3 scripts/fetch_news.py --keyword "...") using user-supplied keywords. This creates a surface for command injection if keywords contain shell metacharacters.
  • [PROMPT_INJECTION]: The skill includes a trigger phrase ('news-aggregator-skill 如意如意') that instructs the agent to read and display specific files, potentially bypassing intended constraints.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Risk:
    • Ingestion points: External article content retrieved through the --deep flag in fetch_news.py.
    • Boundary markers: Absent; the instructions lack delimiters or directives to ignore instructions within the fetched content.
    • Capability inventory: Ability to execute shell commands via python3 and write files to the reports/ directory.
    • Sanitization: Absent; the retrieved content is processed for analysis without prior validation or filtering.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 15, 2026, 07:26 AM