rss-monitor
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Performs network operations to external domains to fetch RSS/Atom feed content. Evidence: index.js uses the native https and http modules to make GET requests to arbitrary URLs provided as arguments to the fetchFeed function.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external feeds.
  - Ingestion points: The fetchFeed function in index.js reads XML/Atom data from remote servers.
  - Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present in the output strings generated for the agent.
  - Capability inventory: The skill has network read capabilities and formats external content (titles, descriptions, full content) for agent consumption.
  - Sanitization: No sanitization or validation is performed on the content of the feed items to prevent instructions embedded in the feed from influencing the agent's behavior.
Audit Metadata