Skills
skills/varnan-tech/opendirectory/show-hn-writer/Gen Agent Trust Hub

show-hn-writer

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes a Python script that fetches JSON data from the official Hacker News API (hacker-news.firebaseio.com), which is a well-known and trusted service.
  • [COMMAND_EXECUTION]: The agent is provided with a Python script in SKILL.md to retrieve and filter current top stories from Hacker News. This execution is limited to data retrieval and filtering based on user-supplied keywords.
  • [PROMPT_INJECTION]: The skill processes external, user-generated content from Hacker News story titles. This represents a potential surface for indirect prompt injection, although the current implementation only uses this data for analytical display.
  • Ingestion points: Hacker News API titles via the scraper script in SKILL.md.
  • Boundary markers: None present in the current output logic.
  • Capability inventory: Python script execution (requests, ThreadPoolExecutor) and potential file writing (hn_log.csv).
  • Sanitization: No sanitization is performed on the externally sourced titles.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 08:34 AM