pr-opportunity-scanner
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from web search results (Reddit, Hacker News, Dev.to, and roundup articles), creating a surface for indirect prompt injection.
- Ingestion points: Data retrieved via the `exa-search__web_search_advanced_exa` tool is directly analyzed in the daily and on-demand workflows to score opportunities and draft responses.
- Boundary markers: The skill does not implement specific delimiters or instructions to treat the search results as untrusted data or to disregard potential instructions embedded within those results.
- Capability inventory: The skill maintains state in `memory/pr-opportunities.json` and outputs text to the user. It lacks permissions for critical system operations or direct network exfiltration of sensitive user files.
- Sanitization: No explicit sanitization or filtering is applied to the raw content retrieved from external websites before it is processed by the language model.
Audit Metadata