aihot
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as `curl`, `jq`, and `date`. These commands are used to calculate relative timestamps for query parameters, fetch news data from the specified API, and process JSON responses into a readable markdown format.
- [EXTERNAL_DOWNLOADS]: Fetches AI-related content, daily news briefs, and article summaries from the external domain `aihot.virxact.com`. This behavior is central to the skill's purpose of providing current industry updates.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a potential attack surface for indirect prompt injection as it ingests untrusted data from an external API (`aihot.virxact.com`) and processes it into the agent context.
  - Ingestion points: News content retrieved via `curl` from `api/public/` endpoints.
  - Boundary markers: None identified; instructions do not explicitly mandate delimiters or warning markers for external content.
  - Capability inventory: Uses `curl` and `jq` for data processing as defined in `SKILL.md`.
  - Sanitization: None; the skill relies on the agent's native processing of the retrieved JSON data.
- [PROMPT_INJECTION]: Includes instructions such as "不要 undertrigger" (don't undertrigger) and prompts to prioritize the API data over the model's internal training data. These are intended to ensure the agent provides accurate, up-to-date information and do not represent a malicious attempt to bypass safety guidelines.