pr-opportunity-scanner

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data from web search results (Reddit, Hacker News, Dev.to, and roundup articles), creating a surface for indirect prompt injection.
    • Ingestion points: Data retrieved via the exa-search__web_search_advanced_exa tool is directly analyzed in the daily and on-demand workflows to score opportunities and draft responses.
    • Boundary markers: The skill does not implement specific delimiters or instructions to treat the search results as untrusted data or to disregard potential instructions embedded within those results.
    • Capability inventory: The skill maintains state in memory/pr-opportunities.json and outputs text to the user. It lacks permissions for critical system operations or direct network exfiltration of sensitive user files.
    • Sanitization: No explicit sanitization or filtering is applied to the raw content retrieved from external websites before it is processed by the language model.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 22, 2026, 04:54 AM