Skills
skills/browser-act/skills/google-news-api-skill/Gen Agent Trust Hub

google-news-api-skill

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/google_news_api.py performs network requests to api.browseract.com. This is the official API endpoint for the service provider and matches the skill author's domain, representing standard vendor functionality.
  • [PROMPT_INJECTION]: The skill processes news content retrieved from external sources. This constitutes an indirect prompt injection surface.
  • Ingestion points: Data is received via API response in scripts/google_news_api.py.
  • Boundary markers: Absent; there are no specific delimiters defined to isolate external news text from agent instructions.
  • Capability inventory: The script is limited to HTTP GET/POST and printing results; it does not perform file writes, subprocess execution, or dynamic code evaluation.
  • Sanitization: No explicit sanitization or filtering of the retrieved news content is performed before output.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 03:43 PM
Security Audit — agent-trust-hub — google-news-api-skill