discourse

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection attack surface because it processes untrusted external data from community discussion channels.
  • Ingestion points: Untrusted content enters the agent context through the Reddit JSON API, Hacker News Algolia API, and web search results from Lobsters and tech blogs.
  • Boundary markers: The instructions do not specify the use of clear delimiters or markers to isolate the fetched external data from the agent's internal prompt instructions.
  • Capability inventory: The workflow utilizes WebFetch and WebSearch to retrieve data, followed by parsing and merging functions to consolidate community findings.
  • Sanitization: No explicit sanitization or filtering mechanisms are defined in the skill documentation to validate the retrieved content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 08:34 PM