douyin-hotlist-overall

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from the external domain ai-skills.ai to obtain Douyin's hot search lists.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute a local Python script (scripts/run.py) to communicate with the service API.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of third-party trending data, creating a potential surface for indirect prompt injection.
    • Ingestion points: The output generated by scripts/run.py containing external hotlist data from Douyin.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded directives are provided in the prompt logic.
    • Capability inventory: The agent can execute a Python script (scripts/run.py) to fetch data.
    • Sanitization: The retrieved content is processed and returned as JSON without explicit sanitization against prompt injection patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 02:06 PM