feed-wsj

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves news information and RSS feeds from official Dow Jones and Wall Street Journal domains (dj.com).
  • [COMMAND_EXECUTION]: Instructs the agent to use the curl utility to access article snapshots from the Internet Archive (web.archive.org), which is a well-known archival service.
  • [EXTERNAL_DOWNLOADS]: References the use of archive.today and the chrome-use tool for retrieving article content.
  • [PROMPT_INJECTION]: The skill processes data from external news feeds, creating a surface for indirect prompt injection.
  • Ingestion points: News titles, links, and descriptions are parsed from external RSS XML feeds in SKILL.md.
  • Boundary markers: The skill defines a structured JSON output record to contain the retrieved data and delineate it from agent instructions.
  • Capability inventory: The skill utilizes curl for making network requests to fetch article data.
  • Sanitization: URL normalization is performed by stripping tracking parameters (utm_*), though no specific text sanitization for the headline or summary content is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 08:03 AM
Security Audit — agent-trust-hub — feed-wsj