alphaear-sentiment

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches pre-trained sentiment analysis models from Hugging Face (e.g., uer/roberta-base-finetuned-chinanews-chinese) when using BERT mode. This is standard behavior for the skill's purpose and utilizes a well-known service.
  • [COMMAND_EXECUTION]: The DatabaseManager provides an execute_query method for running arbitrary SQL commands on the local database. While useful for flexibility, this represents a capability that could be misused if the agent attempts to construct queries using unsanitized external data.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during LLM-based analysis. Untrusted news data is interpolated directly into prompts without protective delimiters or instructions to ignore embedded commands.
      • Ingestion points: News content and titles are retrieved from the daily_news and search_detail tables in scripts/database_manager.py.
      • Boundary markers: Absent. The prompt template in SKILL.md (文本: {text}) lacks delimiters or explicit security instructions to ignore malicious content.
      • Capability inventory: The skill can perform database updates and arbitrary SQL execution via the internal DatabaseManager API.
      • Sanitization: No input sanitization or validation is implemented for the text before it is processed by the LLM.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 05:57 PM