feed-wsj
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves news information and RSS feeds from official Dow Jones and Wall Street Journal domains (dj.com).
- [COMMAND_EXECUTION]: Instructs the agent to use the curl utility to access article snapshots from the Internet Archive (web.archive.org), which is a well-known archival service.
- [EXTERNAL_DOWNLOADS]: References the use of archive.today and the chrome-use tool for retrieving article content.
- [PROMPT_INJECTION]: The skill processes data from external news feeds, creating a surface for indirect prompt injection.
- Ingestion points: News titles, links, and descriptions are parsed from external RSS XML feeds in SKILL.md.
- Boundary markers: The skill defines a structured JSON output record to contain the retrieved data and delineate it from agent instructions.
- Capability inventory: The skill utilizes curl for making network requests to fetch article data.
- Sanitization: URL normalization is performed by stripping tracking parameters (utm_*), though no specific text sanitization for the headline or summary content is mentioned.
Audit Metadata