last30days-cn

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: A thorough review of the skill's source code and dependencies confirms it performs legitimate data aggregation tasks as described. It leverages reputable Python packages such as Playwright and Jieba for browser automation and Chinese natural language processing.
  • [PROMPT_INJECTION]: The skill serves as a data ingestion engine for external internet sources, which presents an attack surface for indirect prompt injection. Malicious content hosted on the target social media platforms could potentially attempt to influence the agent's behavior during synthesis.
  • Ingestion points: Content retrieval logic in multiple platform-specific modules within scripts/lib/ (e.g., weibo.py, zhihu.py, xiaohongshu.py).
  • Boundary markers: Absent; untrusted platform content is interpolated into reports without explicit delimiters or instructions to the processing agent to disregard embedded commands.
  • Capability inventory: The skill is configured to use Bash, Read, Write, and WebSearch tools.
  • Sanitization: The rendering component in scripts/lib/render.py includes logic to sanitize URLs in HTML reports, ensuring that only HTTP and HTTPS protocols are used for links.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 02:01 AM
Security Audit — agent-trust-hub — last30days-cn