tianyancha-cn
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill mentions a third-party Python library
tianyanchaas an example for programmatic access. - [INDIRECT_PROMPT_INJECTION]: The skill fetches data from external business databases, representing a potential surface for indirect prompt injection if the source data contains malicious instructions.
- Ingestion points: API responses from
open.api.tianyancha.comandapi.qichacha.com(referenced in SKILL.md). - Boundary markers: None present in the documentation examples.
- Capability inventory: The skill demonstrates using
curland Python to process external data. - Sanitization: No explicit validation or sanitization of API response content is described.
Audit Metadata