fastmoss-creatives

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Python scripts to send JavaScript code via HTTP POST requests to a local daemon (kimi-webbridge) listening on 127.0.0.1:10086. This JavaScript is executed within the context of the user's browser to perform navigation, click pagination buttons, and extract table data. This behavior is documented and central to the skill's primary function.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection (Category 8) because it ingests untrusted data from FastMoss.com (video titles, music names, hashtags) and incorporates this content into a Markdown report template for the agent's review. However, the risk is mitigated by basic sanitization.
  • Ingestion points: Data is scraped from 热门视频, 热门音乐, and 热门标签 tables on FastMoss.com.
  • Boundary markers: The skill uses a structured Markdown template (references/analysis_recipe.md) to categorize data, though it lacks explicit 'ignore instructions' delimiters.
  • Capability inventory: Capabilities include reading browser content, executing in-browser JS, writing to the local file system (CSV/MD), and local network communication with the kimi-webbridge daemon.
  • Sanitization: The skill implements basic string cleaning by removing newlines and truncating entity names to a maximum of 120 characters.
  • [SAFE]: No evidence of obfuscated code, hardcoded credentials, or unauthorized remote code execution from external domains was found. The code is transparent and follows its stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:24 AM
Security Audit — agent-trust-hub — fastmoss-creatives