social-pulse-monitor

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill implements legitimate social listening functionality.
  • [DATA_EXPOSURE]: The skill uses external connectors to fetch telemetry and mentions from public platforms including Bluesky, Mastodon (Fediverse), Discourse forums, Hacker News (Algolia), and GDELT. These network operations are conducted using vendor-provided scripts (hn.py, bluesky.py, etc.) and target well-known services for the skill's stated purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external social platforms, presenting a potential attack surface. However, it explicitly mitigates this risk through defensive instructions:
  • Ingestion points: Untrusted data enters the agent context via hn.py, bluesky.py, fediverse.py, discourse.py, gdelt.py, tavily.py, and user-provided exports (SKILL.md).
  • Boundary markers: The skill contains a dedicated security notice instructing the agent to treat every fetched mention as untrusted input and explicitly forbids external text from reclassifying mentions or altering query parameters.
  • Capability inventory: The skill writes pulse reports to local memory (memory/social/) and appends activity lines to memory/channels/candidates.md. It can promote crisis flags to memory/hot-cache.md to trigger other planning skills.
  • Sanitization: Instructions mandate that text inside mentions cannot override classification logic, suppress crisis flags, or modify the query architecture.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 03:38 PM
Security Audit — agent-trust-hub — social-pulse-monitor