sn-search-social-cn
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Authentication cookies for platforms like Zhihu and Douyin are handled via environment variables or CLI arguments, avoiding hardcoded secrets and following standard security practices.
- [SAFE]: Network operations are directed solely at well-known social media platforms (Bilibili, Zhihu, Douyin) to perform search queries.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it retrieves untrusted search results from external social media platforms. This is a common characteristic of search-oriented tools.
  - Ingestion points: External API responses processed in bilibili_search.py, douyin_search.py, and zhihu_search.py.
  - Boundary markers: Absent. No specific delimiters are used to wrap the untrusted content.
  - Capability inventory: Subprocess execution is not utilized; however, zhihu_search.py writes long content to temporary files.
  - Sanitization: The skill uses regular expressions to strip HTML tags from search results, providing a basic level of cleanup.
Audit Metadata