feed-coindesk

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill performs targeted network requests to a well-known and legitimate news service (coindesk.com) to fulfill its stated purpose as a news feed adapter. It implements recommended security and performance practices, such as conditional GET requests and exponential backoff for error handling.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external content from a third-party RSS feed.
  • Ingestion points: The agent is instructed to fetch and parse data from https://www.coindesk.com/arc/outboundfeeds/rss/ as described in SKILL.md.
  • Boundary markers: No explicit delimiter or 'ignore' instructions are defined for the resulting JSON output structure.
  • Capability inventory: The skill utilizes network retrieval and data normalization capabilities to process external news items.
  • Sanitization: The skill specifically instructs the agent to 'strip HTML' from the description/summary field, which mitigates basic injection or formatting bypass attempts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 08:03 AM
Security Audit — agent-trust-hub — feed-coindesk