google-trends-research

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a Node.js runner script (collection_actor_run.mjs) to execute data collection tasks. This script interfaces with the PostPlus skill bridge or API to perform hosted actor runs. Additionally, a shared library (download_videos_from_manifest_with_ytdlp.mjs) utilizes spawn to execute the well-known yt-dlp Python module for downloading research media.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to PostPlus Cloud endpoints for retrieving search trend data. It also contains utilities for downloading files from external URLs, which are part of its shared research functionality.
  • [SAFE]: File system access is restricted to standard application configuration paths (e.g., .postplus directories in the work folder or user homedir) for managing session tokens and caching research results. No sensitive file exposure or unauthorized persistence mechanisms were identified.
  • [SAFE]: The main instruction file (SKILL.md) provides clear guidelines for task classification and data interpretation without any attempts at prompt injection or bypassing safety guardrails.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 04:51 PM
Security Audit — agent-trust-hub — google-trends-research