content-collector
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted content from external URLs (X, Reddit, WeChat, etc.) and OCR-extracted text. This is a functional requirement for its summarization and categorization tasks.
- Ingestion points: External URLs and screenshots processed via OCR.
- Boundary markers: None explicitly mentioned in the skill documentation.
- Capability inventory: The skill can write to local cache and temporary files, upload documents to Feishu Drive, and modify Feishu tables.
- Sanitization: No specific filtering or sanitization of the scraped content is described.
- [COMMAND_EXECUTION]: The skill workflow involves executing internal Python scripts (
scripts/extract_content.py,scripts/deduplicate.py,scripts/ocr_image.py) with user-supplied data (URLs and image paths). These operations are part of the intended local processing logic.
Audit Metadata