alphaear-news
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to external domains including newsnow.busiyi.world for news aggregation and gamma-api.polymarket.com for market data. It also uses the Jina Reader API (r.jina.ai) to extract web content.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests and processes untrusted news headlines and content.
- Ingestion points: Untrusted data is ingested from external news sources (NewsNow) and web extraction results (Jina Reader) in scripts/news_tools.py and scripts/content_extractor.py.
- Boundary markers: The skill does not implement delimiters or instructions for the agent to ignore instructions within the fetched data.
- Capability inventory: The skill primarily performs data retrieval and local storage using sqlite3; it does not contain dangerous execution capabilities such as eval, exec, or subprocess calls.
- Sanitization: No explicit sanitization or filtering of the ingested news content was observed.
Audit Metadata