feed-ft
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches headlines and metadata from the Financial Times RSS feeds and retrieves content from well-known archival services like the Internet Archive.
- [COMMAND_EXECUTION]: Provides guidance on using the
curlutility to retrieve data from web archives. - [PROMPT_INJECTION]: The skill processes untrusted content from external news feeds and archives, which constitutes an indirect prompt injection surface.
- Ingestion points: SKILL.md identifies
ft.comandweb.archive.orgas sources for external data ingestion. - Boundary markers: None present; the skill normalizes content into JSON records without specific delimiters to isolate external text from agent instructions.
- Capability inventory: The skill utilizes shell commands (
curl), browser automation tools (chrome-use), and network fetching tools (web_fetch). - Sanitization: Includes logic to strip UTM tracking parameters from URLs.
Audit Metadata