gdelt-mentions-fetch
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches dataset snapshots and manifests from official GDELT Project public endpoints.
- [COMMAND_EXECUTION]: The Python script gdelt_mentions_fetch.py provides a command-line interface for managing configuration, resolving file lists, and fetching data.
- [SAFE]: The skill processes external data from GDELT, which represents a surface for indirect prompt injection. Evidence Chain: (1) Ingestion: scripts/gdelt_mentions_fetch.py downloads CSV data from remote public mirrors. (2) Boundary markers: The skill returns structured JSON manifests to the agent context. (3) Capability inventory: The script performs local file writes (Path.write_bytes) and network GET requests (urllib.request). (4) Sanitization: The script implements ZIP integrity checks (testzip), strict UTF-8 decoding validation, and column-count verification against the GDELT schema.
Audit Metadata