llm-public-opinion-analytics

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires cloning an external codebase from https://github.com/hmmnxkl/LLM-Based-Intelligent-Public-Opinion-Analytics-Assistant.git and installing numerous unversioned dependencies via a requirements.txt file.
  • [REMOTE_CODE_EXECUTION]: The installation process involves downloading and running external browser drivers (ChromeDriver/EdgeDriver), which are used to execute dynamic scraping logic at runtime.
  • [COMMAND_EXECUTION]: Instructions direct the agent to execute multiple shell commands for database initialization, environment setup, and starting a local web server (python app.py).
  • [DATA_EXFILTRATION]: The skill is designed to send processed data to external endpoints, including Enterprise WeChat webhooks, Telegram bot APIs, and Gmail via SMTP, creating potential pathways for sensitive data leakage if misconfigured.
  • [PROMPT_INJECTION]: The skill exhibits a significant surface for Indirect Prompt Injection as it ingests untrusted content from 15+ Chinese social media platforms.
      • Ingestion points: Crawlers for Weibo, Bilibili, Douyin, Toutiao, and others (specified in SKILL.md).
      • Boundary markers: None identified; raw crawled content is passed directly to the SentimentAnalyzer and TopicClusterer modules.
      • Capability inventory: Network access (requests/webhooks/SMTP), browser control (ChromeDriver), and file system writes (report generation).
      • Sanitization: No evidence of content escaping or validation before passing scraped data to the LLM.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 18, 2026, 10:56 AM