v2ex
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill performs network requests to v2ex.com, which is not on the trusted domain whitelist. This is the primary purpose of the skill.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from V2EX forum topics and notifications, which creates a potential surface for indirect prompt injection. Evidence Chain: (1) Ingestion points: API response content described in SKILL.md. (2) Boundary markers: None present. (3) Capability inventory: Network-read and network-write capabilities. (4) Sanitization: None explicitly documented in the provided code examples.
Audit Metadata