hacker-news-scraper

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/search_hn.py makes requests to https://hn.algolia.com/api/v1/search_by_date. This is a well-known and legitimate service for searching Hacker News data.
  • [PROMPT_INJECTION]: The skill processes untrusted user-generated content (Hacker News titles, comments, and story text) which could contain malicious instructions designed to influence the agent's behavior (Indirect Prompt Injection).
      * Ingestion points: Data is fetched from the Algolia API in scripts/search_hn.py and returned as JSON or a summary table.
      * Boundary markers: The script does not wrap the fetched content in specific delimiters or safety warnings to distinguish it from system instructions.
      * Capability inventory: The skill itself has no dangerous capabilities (no file writes, shell execution, or sensitive data access) across its scripts, but the output is intended for the agent to process.
      * Sanitization: The script performs no sanitization or filtering of the fetched text before outputting it.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 12:31 AM