feed-coindesk
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs targeted network requests to a well-known and legitimate news service (coindesk.com) to fulfill its stated purpose as a news feed adapter. It implements recommended security and performance practices, such as conditional GET requests and exponential backoff for error handling.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external content from a third-party RSS feed.
- Ingestion points: The agent is instructed to fetch and parse data from
https://www.coindesk.com/arc/outboundfeeds/rss/as described inSKILL.md. - Boundary markers: No explicit delimiter or 'ignore' instructions are defined for the resulting JSON output structure.
- Capability inventory: The skill utilizes network retrieval and data normalization capabilities to process external news items.
- Sanitization: The skill specifically instructs the agent to 'strip HTML' from the description/summary field, which mitigates basic injection or formatting bypass attempts.
Audit Metadata