eceee-news-fulltext-fetch
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script `scripts/fulltext_fetch.py` performs network requests using `urllib.request` to `https://www.eceee.org/all-news/` and various article-specific URLs to retrieve HTML content.
- [DATA_EXFILTRATION]: Discovered article metadata and extracted text are persisted to a local SQLite database (`eceee_news.db`). The storage path is configurable via the `ECEEE_NEWS_DB_PATH` environment variable.
- [PROMPT_INJECTION]: The skill processes external web content, creating a surface for indirect prompt injection if the stored text is later used by an AI agent.
  - Ingestion points: External data is ingested via article URLs in `scripts/fulltext_fetch.py`.
  - Boundary markers: Extracted text is not wrapped in specific delimiters or safety instructions to prevent the agent from interpreting it as commands.
  - Capability inventory: The skill has permissions to read from the network and write to the local filesystem via SQLite.
  - Sanitization: The script cleans HTML tags and normalizes whitespace but does not implement specific sanitization to identify or neutralize malicious instructions targeted at LLMs.
Audit Metadata